Uyghur Diaspora Group Targeted with Remote Surveillance Malware
April 28, 2025, 7:20 p.m.
Description
Senior members of the World Uyghur Congress (WUC) were targeted by a sophisticated spear phishing campaign aimed at deploying surveillance malware. The attack, discovered in March 2025, involved a trojanized version of a legitimate Uyghur language text editor. The malware enabled remote surveillance, collecting system information and allowing file manipulation. The campaign's infrastructure consisted of two distinct command-and-control clusters, with domains impersonating the legitimate tool's developer. While not technically advanced, the operation demonstrated a deep understanding of the Uyghur community and likely aligns with Chinese government interests. The targeting of exiled Uyghur representatives highlights the ongoing cyber threats faced by diaspora groups.
Date
- Created: April 28, 2025, 5:09 p.m.
- Published: April 28, 2025, 5:09 p.m.
- Modified: April 28, 2025, 7:20 p.m.
Additional Information
- China