At the end of last week, Google Project Zero experts said that unnamed sites attacked iPhone users for more than two years using 14 vulnerabilities combined in five exploit chains. It seems that Google-caught iPhone crackers have also attacked Android and Windows users.Compromise occurred without any user’s involvement, it was enough just to go for a malicious resource.
Researchers did not specify what kind of sites it were, but noted that the attacks were not targeted. They applied to all iOS users who visited the resources (and those totaled thousands of visitors per week).
Exploiting vulnerabilities, cybercriminals installed spyware on users ‘devices that did not survive a reboot, but could steal victims’ personal data, including instant messenger messages, contacts, photos, and device location information in real time.
As Forbes and TechCrunch now report, Google experts do not write about the real extent of the campaign they discovered. Therefore, the media refer to their own sources and explain that it seems to be a classic “watering hole” attack. Such attacks are called by analogy with the tactics of predators who hunt at a watering hole, waiting for prey – animals that came to get drunk.
According to sources, the campaign was aimed at the Uighurs, the Muslim population of the Xinjiang region of China. Mass surveillance has been conducted for people there for so long, and more than a million Uighurs are held in prisons and educational camps. That is, the malware sites seemed to be Uyghur.
“The Chinese government has been systematically targeting the Uighur population for surveillance and imprisonment for years. These attacks likely have the goal of spying on the Uighur population in China, the Uyghur diaspora outside of China and people who sympathize with and might wish to help the Uighur in their struggle for independence”, — said Cooper Quintin, senior staff technologist at the Electronic Frontier Foundation.
In addition, it is reported that the campaign was aimed not only at iOS users; unknown attackers used similar tactics against Android and Windows users, that is, we are talking about a very large-scale operation. It is not known which payloads were delivered to users of other operating systems.
“That Android and Windows were targeted is a sign that the hacks were part of a broad, two-year effort that went beyond Apple phones and infected many more than first suspected. One source suggested that the attacks were updated over time for different operating systems as the tech usage of the Uighur community changed”, — reports Forbes.
User Review( votes)