
Digital security researchers at the University of Toronto’s Citizen Lab say threat actors close to the Chinese government were likely behind an attempt to infiltrate the devices of a group of Uyghur activists with malicious surveillance software hidden in an email, according to a new report.
The malware was disguised in an altered version of a Uyghur language word processing and spell check tool, the researchers said.
They added that the failed cyberattack on the activists, who are affiliated with the Munich-based World Uyghur Congress, appeared to be part of Beijing’s transnational repression campaign — including online surveillance and intimidation — against the Turkic ethnic group native to China’s northwest Xinjiang region. Uyghurs have faced discrimination and rights violations, including mass detention in Xinjiang, by Chinese authorities.
“Such attacks are, of course, annoying and they show that we are fighting against a brutal Chinese government that is trying by all means to erase our voice,” said Erkin Zunun, one of the activists, in an interview with the International Consortium of Investigative Journalists and Paper Trail Media. “We are trying to be a voice for the voiceless, but China is trying to suppress that too.”
Citizen Lab, an academic research lab that studies digital threats, analyzed the malware threat after the activists alerted its researchers, who were investigating Beijing’s tactics to silence its critics overseas as part of the China Targets investigation led by ICIJ.