Chinese-speaking hackers are masquerading as the United Nations in ongoing cyber-attacks against Uyghurs, according to the cybersecurity firms Check Point and Kaspersky.
Researchers identified an attack in which hackers posing as the UN Human Rights Council send a document detailing human rights violations to Uyghur individuals. It is in fact a malicious Microsoft Word file that, once downloaded, fetches malware: the likely goal, say the two companies, is to trick high-profile Uyghurs inside China and Pakistan into opening a back door to their computers.
“We believe that these cyber-attacks are motivated by espionage, with the endgame of the operation being the installation of a back door into the computers of high-profile targets in the Uyghur community,” said Lotem Finkelstein, head of threat intelligence at Check Point, in a statement. “The attacks are designed to fingerprint infected devices, including all of [their] running programs. From what we can tell, these attacks are ongoing, and new infrastructure is being created for what look like future attacks.”
Hacking is a frequently used weapon in Beijing’s arsenal, and particularly in its ongoing genocide against Ugyhurs, which uses cutting-edge surveillance both in the real world and online. Recent reporting by MIT Technology Review shed new light on another sophisticated hacking campaign that targeted members of the Muslim minority.