Beijing: Alleged Chinese-speaking hackers are using fake emails from the United Nations (U.N.) and a human rights group to target Uyghur Muslims in China and abroad, claims cybersecurity researchers.
The findings were part of a joint collaboration between cybersecurity groups Check Point Research and Kaspersky’s Global Research & Analysis Team, which concluded with “low to medium confidence” that the effort was carried out by Chinese-speaking hackers, reports The Hill.
The researchers found that the hackers were targeting Uyghurs in both China and Pakistan using malicious emails designed to trick individuals into installing a back door into Microsoft Windows software to allow the hackers to collect information and carry out further attacks, the report further said.
The emails are sent under the guise of the U.N.’s Human Rights Council or from a fake human rights organization known as the Turkic Culture and Heritage Foundation, both of which target Uyghurs applying for grant funds. The emails either used malicious downloaded documents or links to fake websites to install the back door, The Hill reported.
“We believe that these cyberattacks are motivated by espionage, with the endgame of the operation being the installation of a back door into the computers of high-profile targets in the Uyghur community,” Lotem Finkelsteen, the head of threat intelligence at Check Point, said in a statement provided to The Hill.
“The attacks are designed to fingerprint infected devices, including all of its running programs. From what we can tell, these attacks are ongoing, and new infrastructure is being created for what looks like future attacks,” Finkelsteen added.