Facebook Shuts Down Hackers Who Infected iOS and Android Devices

Share post:

Facebook has disrupted a hacking operation that utilized its social media platform, to spread iOS and Android malware that spied on Uyghur people from Xinjiang, China.

The hackers, which researchers have traced to have links to the Chinese government, planted malware on websites often visited by activists, journalists, and dissidents from Xinjiang who are now based overseas.

The hackers installed websites with malicious JavaScript that infected target iPhones with malware which now carries the name Insomnia. The hacking group, referred to as Earth Empusa, Evil Eye, or PoisonCarp, worked against iPhones running iOS versions 10.x, 11.x, 12.0, and 12.1 while some worked against versions 12.3, 12.3.1, and 12.3.2.

Taken together, these exploits were able to infect devices for more than two years and continues to this day even after having been exposed.

Insomnia is capable of exfiltrating data from a host of iOS apps, contacts, GPS, iMessage and third-party apps like Signal, Telegram, Whatsapp, Gmail, and Hangouts. The exploits were delivered only to people who passed certain checks involving IP addresses, OSesd, browsers, as well as country and language settings, thus evading easy detection.

Moreover, Evil Eye used fake apps to infect Android Phones, often mimicking third-party Android app stores that published Uyghur-themed software. Once installed, the trojanized apps infected other devices with one or two strains of malware called ActionSpy and PluginPhantom.

Facebook has named two China-based companies that had allegedly manufactured the malware. The Chinese government has denied any involvement in these practices that targeted Uyghur dissidents and their connections.

For more information, you may view the original story from Arstechnica.

SUBSCRIBE NOW

Related articles

Meta accused of trying to discredit researchers

Meta, the parent company of Facebook, has been accused of discrediting university researchers in Brazil who reported fraudulent...

US Surgeon General wants social media warning labels

US Surgeon General Vivek Murthy has called for smoking-style warning labels to be placed on social media platforms...

Meta’s use of public posts and images to train AI meets with backlash over privacy concerns

Meta's recent move to use public posts and images from Facebook and Instagram for training its AI tools...

Canadian schools sue social media giants over alleged harm to children

Five Ontario school boards along with two private schools have joined lawsuits that claim that social media platforms...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways