China may have been one of the first countries to lock down over the first months of 2020, as Covid-19 began its global spread. But that didn't stop suspected Chinese spies from carrying out a new smartphone-hacking campaign, aimed at one of their favorite targets: the country's Uighur ethnic minority.
From as early as December of last year and continuing through March, Chinese hackers used so-called "watering hole" attacks to plant malware on the iPhones of Uighurs, according to new findings from the security firm Volexity. To do so, a hacker group that Volexity calls Evil Eye compromised popular Uighur websites, including the news and education site Uyghur Academy and the Uighur Times news outlet. Visiting those sites on an iPhone would automatically infect the device with sophisticated spyware designed to gain access to its data, particularly messaging applications.
That indiscriminate web-based hacking campaign is remarkable not just because it occurred during the peak of China's novel coronavirus crisis, but also because it began just months after Volexity and Google publicly revealed that the same Evil Eye group was hacking smartphones via those same websites, using a rare collection of previously unknown iOS software vulnerabilities—also known as zero-day vulnerabilities—that shocked the cybersecurity world. The security research group Citizen Lab found that the same zero-day vulnerabilities were also being used to target Tibetan victims, which Volexity sees as a suggestion that the hackers were likely carrying out domestic surveillance on behalf of the Chinese government. The country has faced international criticism over its treatment of both ethnic groups, with a growing focus in recent years on covid crisis china still hacking uighurs iphones
