You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

A few days ago, Google Project Zero security researchers detailed a chain of malicious website exploits targeting iPhone users. Now, TechCrunch reports that the Chinese government used these attacks to target Uyghur Muslims.

Ecobee HomeKit Thermostat

Citing sources familiar with the matter, TechCrunch says that the malicious websites used to hack into iPhones, first detailed by Google, were part of a “state-backed attack,” likely from China, designed to “target the Uyghur community in the country’s Xinjiang state.”

The report goes on to detail that according to United Nations data, Beijing has detained “more than 1 million Uyghurs in internment camps” over the last year.

Google researchers first explained that the victims were tricked into opening a link which would direct them to an infected webpage. On that webpage, the malware was deployed. The implant “primarily focused on stealing files and uploading live location data,” as often as every 60 seconds. Because the end device itself had been compromised, services like iMessage were also affected, researchers said.

When Google security researchers first detailed this attack, it was unclear who it was specifically targeting. TechCrunch’s report now provides more detail on that.

The websites were part of a campaign to target the religious group by infecting an iPhone with malicious code simply by visiting a booby-trapped web page. In gaining unfettered access to the iPhone’s software, an attacker could read a victim’s messages, passwords, and track their location in near-real time.

The report adds that the websites in question would also infect non-Uyghurs who happened to visit the infected website. The domains were indexed in Google search results, which made it relatively easy for anyone to stumble upon them.

Apple closed the vulnerability taken advantage of here with the release of iOS 12.1.4 back in February. Apple has not yet commented on these new reports detailing the scope and target of the attacks.

FTC: We use income earning auto affiliate links. More.

Jamf


Subscribe to 9to5Mac on YouTube for more Apple news:

About the Author