An iPhone exploit which used malicious websites to hack iPhones was used to target Uyghur Muslims in China.
The security exploit was recently disclosed by Google researchers. It involved infecting users with malicious code, allowing an attacker to gain access to their phone. Apple fixed the vulnerability earlier this year, before the news was publicly shared.
TechCrunch writes that:
“Sources familiar with the matter said the websites were part of a state-backed attack — likely China — designed to target the Uyghur community in the country’s Xinjiang state.
It’s part of the latest effort by the Chinese government to crack down on the minority Muslim community in recent history. In the past year, Beijing has detained more than a million Uyghurs in internment camps, according to a United Nations human rights committee.”
Victims of the hack were tricked into opening a link. This then opened a malicious website which was used to infect victim’s devices. The hack made it possible to read victims’ messages, track locations, access passwords, and more.
TechCrunch‘s sources say that the website also affected non-Uygurs who accidentally discovered the links. They were indexed by Google, which made them relatively easy to stumble across.
Unfortunately, it’s yet another example of how tech can be used for by governments to attack certain target minority groups. While we’re glad that the flaw was fixed, hopefully such vulnerabilities can be found and plugged sooner in the future.