The hackers created fake accounts at Facebook pretending to be journalists, Uyghur activists to engage with like-minded people
Facebook on Wednesday said it disrupted efforts by hackers in China to spy on supporters of the Uyghur minority living outside that country.
A group of well-resourced hackers in China targeted hundreds of Uyghur activists, journalists, and dissidents living abroad, trying to trick them into clicking on website links booby-trapped with malicious code, according to the social network.
"This group used various cyber espionage tactics to identify its targets and infect their devices with malware to enable surveillance," Facebook head of cyber espionage investigations Mike Dvilyanski and security policy chief Nathaniel Gleicher said in a blog post.
"This activity had the hallmarks of a well-resourced and persistent operation, while obfuscating who’s behind it."
Primary targets were Uyghurs from Xinjiang in China now living in Australia, Canada, Kazakhstan, Syria, Turkey, the United States, and other countries, according to Facebook.
The cyber spying campaign involved luring targets to websites off the social network where malware could be slipped onto their mobile phones, the executives said while briefing journalists.
The hackers created fake accounts at Facebook pretending to be journalists, activists, or others sympathetic to the Uyghur community so like-minded people would engage with the posts.
"The tactic was to build trust, and then use that as a way to trick them to click on these links to expose their devices," Gleicher said in the briefing.
"Even for a small number of users, less than 500 in this case around the world, the impact can be very serious -- you can imagine the surveillance."
Malware used could let cyber spies take over people's mobile phones, accessing information, cameras and microphones, according to security alerts about the malicious code.
Since targets were lured away from Facebook, the social network could not tell how many of them clicked on booby-trapped links elsewhere, Gleicher said.
"We only see a piece of the activity," he added.
To disrupt this operation, Facebook blocked malicious domains from being shared on the platform; took down the group's accounts and notified people it believed were targeted, according to the executives.
Rights groups say at least one million Uyghurs and other mostly Muslim minorities have been incarcerated in camps in Xinjiang, where authorities are also accused of forcibly sterilizing women and imposing forced labour.
China has strongly denied the allegations, saying training programs, work schemes and better education have helped stamp out extremism in the northwest region and raise income.