Facebook has disrupted a hacking operation that utilized its social media platform, to spread iOS and Android malware that spied on Uyghur people from Xinjiang, China.
The hackers, which researchers have traced to have links to the Chinese government, planted malware on websites often visited by activists, journalists, and dissidents from Xinjiang who are now based overseas.
Taken together, these exploits were able to infect devices for more than two years and continues to this day even after having been exposed.
Insomnia is capable of exfiltrating data from a host of iOS apps, contacts, GPS, iMessage and third-party apps like Signal, Telegram, Whatsapp, Gmail, and Hangouts. The exploits were delivered only to people who passed certain checks involving IP addresses, OSesd, browsers, as well as country and language settings, thus evading easy detection.
Moreover, Evil Eye used fake apps to infect Android Phones, often mimicking third-party Android app stores that published Uyghur-themed software. Once installed, the trojanized apps infected other devices with one or two strains of malware called ActionSpy and PluginPhantom.
Facebook has named two China-based companies that had allegedly manufactured the malware. The Chinese government has denied any involvement in these practices that targeted Uyghur dissidents and their connections.
For more information, you may view the original story from Arstechnica.