Facebook announced that it removed the account of a group of Chinese hackers. The group was targeting the people belonging to the Uighurs community.
The hackers were using malicious sites to create fake and bogus Uighur-themed apps for the Android app store. It includes a dictionary app and a prayer app. The hackers also contributed to making similar websites for Turkish and Uighur news sites. Also, they pretend to be students, journalists, human rights advocates, or any other member of the Uighur community on Facebook. They aimed to build trust in other people to trick them into clicking on malicious links to install spyware on their devices.
The security researchers know the group of Chinese hackers as Evil Eye, Earth Empusa, or Poison Carp. They target almost 500 people on Facebook, including users living in Australia, Canada, Syria, Turkey, and the United States. By creating a fake account on Facebook, these hackers act like journalists or other public figures to encourage their target to visit the compromised sites beyond Facebook.
In a blog post, the Facebook cybersecurity investigators told, this activity had the signs of a continuous operation. Facebook said it had blocked the hackers’ accounts and the malicious domain that can risk people’s online security and privacy.
The researchers believed that Beijing is behind the hacking campaigns. As China wants to increase its communities’ surveillance, it can be one way of doing it. But Facebook rejected the idea to link the event with the Chinese government.
The Chinese Embassy in Washington has not provided any official statement on this issue. The Chinese government is facing significant criticism about how it treats the Muslim population in Xinjiang. The Uighur is a Muslim majority area in China subjected to the Chinese government’s cruel behavior. Many groups believed that China had detained more than a million Uighurs during the past few years.
Facebook also took action against the state-sponsored hacking activities. In December 2020, the social networking site linked OceanLotus to an information technology company CyberOne Group in Vietnam.