Last week we reported on Google’s discovery of an old iPhone vulnerability – now fixed by Apple – that enabled malicious websites to steal data from thousands of users over a two-year period.
Google described these attacks in its original blog post as “indiscriminate,” however a report over the weekend by TechCrunch suggests the websites were part of a state-backed attack that specifically targeted Uyghur Muslims.
The websites were part of a campaign to target the religious group by infecting an iPhone with malicious code simply by visiting a booby-trapped web page. In gaining unfettered access to the iPhone’s software, an attacker could read a victim’s messages, passwords, and track their location in near-real time.
According to TechCrunch‘s sources, the Chinese government was allegedly behind the malicious websites, which also infected non-Uygurs who unintentionally accessed these domains because they were indexed in Google search. The FBI is said to have alerted Google to ask for the sites to be removed from its index to prevent infections.
Beijing has long sought to suppress the ethnic minority Uyghur community in the country’s Xinjiang state, with brutal crackdowns in the 1980s and 90s leading to significant numbers of Uyghurs fleeing China to seek asylum.
In the past year, at least one million Uighurs have been detained in internment camps, according to the United Nations human rights committee. Beijing claims the centers across Xinjiang are for “vocational training,” but a US Congressional hearing on the camps characterized them as “political re-education” centers.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.