Summary: In March 2025, senior members of the World Uyghur Congress were targeted by a customized malware campaign involving a trojanized version of UyghurEdit++, aimed at conducting surveillance on the Uyghur diaspora. The sophisticated spear-phishing approach exploited legitimate tools to deliver malware disguised as trusted communication. This campaign highlights ongoing digital repression tactics believed to be linked to the Chinese government, aimed at controlling Uyghur activists abroad.
Affected: World Uyghur Congress (WUC), Uyghur diaspora
Key points:
- Targets included senior members of the WUC living in exile.
- Malware was delivered through well-crafted phishing emails containing Google Drive links.
- The spear-phishing campaign shows a deep understanding of the Uyghur community, indicating state-sponsored involvement.
- Malicious software profiled systems and communicated with external servers, allowing for extensive surveillance.
- Citizen Lab reports underscore a broader pattern of transnational repression against Uyghurs by the Chinese government.
Source: https://thehackernews.com/2025/04/malware-attack-targets-world-uyghur.html