China Hackers Used Trojanized UyghurEditPP App to Target Uyghur Activists

China-linked hackers targeted Uyghur activists using a Trojanized UyghurEditPP app in a spear-phishing campaign, Citizen Lab researchers reveal.…...

Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool

In a new campaign detected in March 2025, senior members of the World Uyghur Congress WUC living in exile have been targeted by a Windows-based malware that's capable of conducting surveillance. The spear-phishing campaign involved the use of a trojanized version of a legitimate open-source word...

Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play

Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that's designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and...

China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users

Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor...

Meta Uncovers Massive Social Media Cyber Espionage Operations Across South Asia

Three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South Asia as part of disparate attacks. "Each of these APTs relied heavily on social engineering to trick people into clicking on malicious links,...

Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs

A new wave of a mobile surveillance campaign has been observed targeting the Uyghur community as part of a long-standing spyware operation active since at least 2015, cybersecurity researchers disclosed Thursday. The intrusions, originally attributed to a threat actor named Scarlet Mimic back in...

Researchers Find New Android Spyware Campaign Targeting Uyghur Community

A previously undocumented strain of Android spyware with extensive information gathering capabilities has been found disguised as a book likely designed to target the Uyghur community in China. The malware comes under the guise of a book titled "The China Freedom Trap," a biography written by the...

Possible Government Surveillance of the Otter.ai Transcription App

A reporter interviews a Uyghur human-rights advocate, and uses the Otter.ai transcription app. The next day, I received an odd note from Otter.ai, the automated transcription app that I had used to record the interview. It read: “Hey Phelim, to help us improve your Otter’s experience, what was th...

Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers

Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations in the U.S. and 28 other countries pursuant to a legal warrant issued by a federal court in the U.S. state of Virginia. The Redmond company attributed the...

Hackers Using Fake Foundations to Target Uyghur Minority in China

The Uyghur community located in China and Pakistan has been the subject of an ongoing espionage campaign aiming to trick the targets into downloading a Windows backdoor to amass sensitive information from their systems. "Considerable effort was put into disguising the payloads, whether by creatin...

iPhone Hack Allegedly Used to Spy on China’s Uyghurs

In 2019, a Chinese security researcher working with the internet security and antivirus company Qihoo 360 unveiled an intricately woven exploit: One that would allegedly let a remote attacker easily jailbreak an iPhone X iOS 12.1. The researcher, Qixun Zhao, dubbed the exploit Chaos, for good...

Facebook Disrupts Spy Effort Aimed at Uyghurs

Facebook has taken on a group of hackers in China that target the Uyghur ethnic group with cyberespionage activity. The hacking group, known as Earth Empusa or Evil Eye, was targeting activists, dissidents and journalists involved in the Uyghur community, primarily those living abroad in Australi...

Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad

Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices. "They targeted activists, journalists and...

Going Down the Spyware Rabbit Hole with SilkBean Mobile Malware

In this in-depth Threatpost podcast Christoph Hebeisen, who leads the Security Intelligence Research Division at Lookout, shares a behind-the-scenes look at how his team discovered and tracked three never-before-seen surveillanceware tools, dubbed SilkBean, GoldenEagle and CarbonSteal. Hebeisen...

Android 'ActionSpy' Malware Targets Turkic Minority Group

Researchers have discovered a new Android spyware, dubbed ActionSpy, targeting victims across Tibet, Turkey and Taiwan. The spyware is distributed either via watering-hole websites or fake websites. Researchers believe ActionSpy is being used in ongoing campaigns to target Uyghur victims. The...

Chinese Hackers Using New iPhone Hack to Spy On Uyghur Muslims

A Chinese hacking group has been found leveraging a new exploit chain in iOS devices to install a spyware implant targeting the Uyghur Muslim minority in China's autonomous region of Xinjiang. The findings, published by digital forensics firm Volexity, reveal that the exploit — named "Insomnia" —...

Chinese Hackers Using New iPhone Hack to Spy On Uyghur Muslims

A Chinese hacking group has been found leveraging a new exploit chain in iOS devices to install a spyware implant targeting the Uyghur Muslim minority in China's autonomous region of Xinjiang. The findings, published by digital forensics firm Volexity, reveal that the exploit — named "Insomnia" —...

1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp

A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices. Dubbed Poison Carp by University of Toronto's Citizen Lab, the...

A week in security (July 17 – July 23)

Over the last week, we have covered Play Protect, android’s new security system and how the Dutch police ran Hansa Market after the take down of Alpha Bay, both major players on the Dark Web. We also provided some tips on how to stay cyber safe this summer. We also saw how the Terror exploit kit...

Scarlet Mimic Behind Espionage Campaign Against Tibetan, Uyghur Activists

Researchers believe a single group is responsible for a series of attacks over the years to spy on Tibetan and Uyghur activists. For four years the group has used a cornucopia of spearphishing emails, a watering hole attack, and a backdoor Trojan to carry out espionage. Dubbed Scarlet Mimic, the...