Muslim Uighurs residing in China became targets of iOS malware attacks that lasted over two years. Details of the incident only surfaced last week says multiple news sites.
Uighurs (or Uyghurs) are a minority of Muslim groups who hails from northwestern China. Uighurs live in the Uygur Autonomous Region of Xinjian, while a smaller number of these individuals live in Central Asia. They practice agricultural systems, while others ventured to the mining and manufacturing industries.
Sources say the disparity and political unrest between the Uighurs and the Chinese government led to the malware attacks. Malicious websites contained malware which hacked into iPhones used by this Muslim community. According to Tech Crunch, the websites were part of the propaganda released by China.
The malicious and malware-laden websites are the latest efforts of the Chinese government to suppress the Muslim community. Tech Crunch reports that in the past year alone, authorities captured a million Uighurs and placed them within internment camps. Apart from this, federal authorities in the Xinjiang region also placed numerous facial recognition and surveillance cameras.
In a statement to Forbes, Quintin Cooper said that attacks are targeting both Uighurs and sympathizers to the cause. The wide-spread campaign against the minority group is called a “high-risk, high-reward” approach, reveals Forbes. Cooper works at the Electronic Frontier Foundation as a senior staff technologist.
Some of the websites infected with this vulnerability compromised the personal information of Uighurs. This information includes hackers’ access to passwords, messages, and access to real-time locations. The programs and apps affected include encrypted messages on iMessage, Telegram, and WhatsApp.
Hackers obtained information by sending links to a malware-ridden page, which the user unknowingly clicked. The vulnerability – touted as “no-click jailbreak” – is valued at more than $1 million, notes The Guardian.
Google disclosed the vulnerabilities plaguing the iOS system. However, Tech Crunch states Apple immediately closed the affected systems last February 2019. The updates and patches to these exposed websites became available in iOS 12.1.4.
Apple users of the Uighurs community in Xinjiang remain the primary targets and victims of the attacks. However, Forbes maintains that the vulnerabilities sought to target Google and Microsoft users in the region as well. The attacks are “a sign that the hacks were part of a broad, two-year effort that went beyond Apple phones.”
Despite investigations and researches on the incident, Google remains mum on names and number of affected websites. Likewise, Apple has not issued a statement on the matter.