Techrecipe

Facebook “Deported Chinese hacker group from attacking Uyghurs”

Facebook announced on its platform that a group of Chinese hackers carried out malicious attacks against certain communities. Facebook is calling attention, such as immediately targeting the group account that was attacking to be deleted and notifying the user.

According to Facebook, the target of the attack was less than 500 commercial people from Xinjiang Uyghur Autonomous Regions who lived outside China such as Turkey, Kazakhstan, the United States, and Syria. Hackers used fake Facebook accounts to pretend to be virtual journalists, students, human rights organizations, and Uyghur community members to build trust with the target and induce them to link to malicious sites.

The link provided by the hacker was that the domain was being used on popular Uyghur and Turkish news sites. In addition, it is said that it was using sophisticated techniques such as allowing malicious code-planted applications and dictionary applications to be downloaded from the Google Play Store page.

Nathaniel Gleicher, head of Facebook cyber espionage investigation and security policy, announced that the series of activities was by a single organization called Earth Empur or Poison Carp and Evil Eye. did. Facebook also announced that two Chinese companies, Best LH (Beijing Best United Technology Co Ltd) and Dalian 9Rush Technology Co Ltd, have developed Android tools used by a group of hackers.

Earthemper is suspected of approaching Tibet-related people with similar techniques from 2018 to 2019. Gleicher said the hack is characterized by abundance of resources, continuous operation, and making it difficult to specify who the background is. Meanwhile, China denies the allegations that it had nothing to do with cyber espionage. Related information can be found here.