An unknown hacker targeted exiled Uyghur community leaders in a campaign involving Windows spyware, researchers revealed Monday.
Citizen Lab, a digital rights research group based at the University of Toronto, detailed the espionage against members of the World Uyghur Congress (WUC), which represents Muslim territorial groups that have faced many years of oppression, discrimination, surveillance and hacking from the Chinese government.
Google warned WUC members about the hacking campaign in mid-March, urging members to contact journalists and Citizen Lab researchers, the report said.
Citizen Lab investigated and found targeted phishing emails sent to WUC members. The emails impersonated a trusted contact and carried a Google Drive link to a password-protected compressed file containing a malicious version of a Uyghur-language text editor.
Researchers said the campaign is not particularly sophisticated and does not involve zero-day exploits or mercenary spyware, but “delivery of malware shows a high level of social engineering and reveals an in-depth understanding of the target community of attackers.”