The iPhone-Hacking Sites Google Found Apparently Went After Android and Windows Users Too

By Alyse Stanley

Those hackers Google’s researchers sussed out earlier this week apparently went after more than just iPhone users. Microsoft’s operating system along with Google’s own were also targeted, according to Forbes, in what some reports are calling a possibly state-backed effort to spy on the Uighur ethnic group in China.

Google’s Threat Analysis Group was the first to discover the scheme earlier this year (news of the campaign was first disclosed Thursday). It involved a small group of websites aiming to infect visitors’ devices to gain access to their private information, including live location data and encrypted information on apps like WhatsApp, iMessage, and Telegram. These websites were up for two years, during which thousands of visitors purportedly accessed them each week.

In February, Google notified Apple of 14 vulnerabilities the site’s malware exploited, which the company fixed within days with iOS 12.1.4. Apple disclosed in that update that the flaws, referred to as “memory corruption” issues, were fixed with “improved input validation.” The company hasn’t publicly addressed Google’s account of the hack since the news broke earlier this week.

While the Google team only reported iPhone users being targeted by this attack, sources familiar with the matter told Forbes that devices using Google and Microsoft operating systems were also targeted by these same sites, widening the potential scale of an already unprecedented attack.

Whether Google found or shared evidence of this is unclear, as is whether the attackers used the same method of attack as they did with iPhone users, which involved attempting to sneak malware onto users’ phones upon their visit to the infected websites. Gizmodo reached out to Microsoft and Google about these reported developments and will update this article with their statements.

It was all part of a broad, two-year campaign to conduct surveillance on the Uighur community, a minority Muslim group often targeted by the Chinese government, according to a TechCrunch report later confirmed by Forbes. However, Google noted in its disclosure of the hack that “simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant.” So it’s possible people outside this ethnic group could have been affected by the attack. A source also told Forbes the attacks may have been updated over time to be able to break into other operating systems to correspond with changes in the community’s usage.

This would mark the latest in a series of crackdowns on the ethnic group launched by the Chinese government and fuelled by claims that the country’s remote Xinjiang region is being threatened by Islamist militants and separatists. Last year, the state forced 2 million Uighurs and Muslim minorities into “political camps for indoctrination,” according to reports from the United Nations, prompting more than 20 countries to call on China to put a stop to its mass detention efforts.

Referring to the hack Google recently revealed, Cooper Quintin, senior staff technologist at the digital rights non-profit group Electronic Frontier Foundation, told Forbes:

“The Chinese government has been systematically targeting the Uighur population for surveillance and imprisonment for years. These attacks likely have the goal of spying on the Uighur population in China, the Uyghur diaspora outside of China and people who sympathize with and might wish to help the Uighur in their struggle for independence.”

Featured image: Jenny Kane (AP)