The Uyghur community located in China and Pakistan has been the subject of an ongoing espionage campaign aiming to trick the targets into downloading a Windows backdoor to amass sensitive information from their systems.
“Considerable effort was put into disguising the payloads, whether by creating delivery documents that appear to be originating from the United Nations using up to date related themes, or by setting up websites for non-existing organizations claiming to fund charity groups,” according to joint research published by Check Point Research and Kaspersky today.
The Uyghurs are a Turkic ethnic minority group originating from Central and East Asia and are recognized as native to the Xinjiang Uyghur Autonomous Region in Northwest China. At least since 2015, government authorities have placed the region under tight surveillance, putting hundreds of thousands into prisons and internment camps that the government calls “Vocational Education and Training Centers.”
Over the years, the community has also been at the receiving end of a series of sustained cyberattacks that have leveraged exploit chains and watering holes to install spyware designed to harvest and exfiltrate sensitive data from email and messaging apps as well as plunder photos and login credentials.