Tech giant Facebook has taken steps against a group of hackers in China who were targeting protesters, mostly Uyghurs from Xinjiang province, the company's Cyber Espionage team said on Wednesday.
"Today, we are sharing actions we took against a group of hackers in China known in the security industry as Earth Empusa or Evil Eye - to disrupt their ability to use their infrastructure to abuse our platform, distribute malware and hack people's accounts across the internet. They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey, Kazakhstan, the United States, Syria, Australia, Canada and other countries," said the company's head of Cyber Espionage Investigations Mike Dvilyanski and Head of Security Policy Nathaniel Gleicher.
Chinese firms Beijing Best United Technology Co., Ltd. (Best Lh) and Dalian 9Rush Technology Co., Ltd. (9Rush) are behind some of the Android malware used by the hackers, said Facebook. The company disrupted the hackers' operation by blocking malicious domains from being shared on its platform, taking down the group's accounts and notifying the targeted individuals. The group set up malicious websites on look-alike domains imitating popular Uyghur and Turkish news sites, or compromised legitimate websites often visited by its targets. Some of these websites contained malicious JavaScript code, the statement said.
The statement further adds, "This group used fake accounts on Facebook to create fictitious personas posing as journalists, students, human rights advocates or members of the Uyghur community to build trust with people they targeted and trick them into clicking on malicious links."
Facebook's security experts work to stop a wide range of threats, including cyber espionage campaigns, influence operations and hacking of its platform by nation-state actors and other groups. As a result of these efforts, its teams disrupt adversary operations by disabling them.