San Francisco, March 25 (SocialNews.XYZ) Facebook has taken tough action against China-based hackers who abused its platform to target activists, journalists and dissidents predominantly among the Uyghur community.
The Facebook threat intelligence analysts disabled the accounts of a group of hackers in China known as "Earth Empusa" or "Evil Eye", disrupting their ability to use their infrastructure to abuse its platform, distribute malware and hack people's accounts across the Internet.
The investigation and malware analysis found that Beijing Best United Technology Co., Ltd. (Best Lh) and Dalian 9Rush Technology Co., Ltd. (9Rush), two Chinese companies, are the developers behind some of the Android tooling deployed by this group.
"They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey, Kazakhstan, the United States, Syria, Australia, Canada and other countries," Nathaniel Gleicher, Head of Security Policy at Facebook, said in a statement late on Wednesday.
The cyber espionage campaign manifested primarily in sending links to malicious websites rather than direct sharing of the malware itself.
"We saw this activity slow down at various times, likely in response to our and other companies' actions to disrupt their activity," Facebook said.
The hacker group set up malicious websites that used look-alike domains for popular Uyghur and Turkish news sites.
They also appeared to have compromised legitimate websites frequently visited by their targets as part of watering hole attacks. A watering hole attack is when hackers infect websites frequently visited by intended targets to compromise their devices.
"This group used fake accounts on Facebook to create fictitious personas posing as journalists, students, human rights advocates or members of the Uyghur community to build trust with people they targeted and trick them into clicking on malicious links," the social network explained.
Facebook also found websites set up by this group that mimic third-party Android app stores where they published Uyghur-themed applications, including a keyboard app, prayer app, and dictionary app, and disabled those.
Source: IANS
About Gopi
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz