Skip to Content
Computing

Chinese hackers posing as the UN Human Rights Council are attacking Uyghurs

Chinese-speaking hackers are targeting Uyghur Muslims with fake United Nations reports and phony support organizations, according to a new report.

Uyghurs and other members of the faithful pray during services at the Id Kah Mosque in Kashgar in western China's Xinjiang Uyghur Autonomous Region, as seen during a government organized visit for foreign journalists on April 19, 2021. Under the weight of official policies, the future of Islam appears precarious in Xinjiang, a remote region facing Central Asia in China's northwest corner. Outside observers say scores of mosques have been demolished, which Beijing denies, and locals say the number of worshippers is on the decline.
Uyghurs and other members of the faithful pray during services at the Id Kah Mosque in Kashgar in western China's Xinjiang Uyghur Autonomous Region, as seen during a government organized visit for foreign journalists on April 19, 2021. Under the weight of official policies, the future of Islam appears precarious in Xinjiang, a remote region facing Central Asia in China's northwest corner. Outside observers say scores of mosques have been demolished, which Beijing denies, and locals say the number of worshippers is on the decline.
AP Photo/Mark Schiefelbein

Chinese-speaking hackers are masquerading as the United Nations in ongoing cyber-attacks against Uyghurs, according to the cybersecurity firms Check Point and Kaspersky. 

Researchers identified an attack in which hackers posing as the UN Human Rights Council send a document detailing human rights violations to Uyghur individuals. It is in fact a malicious Microsoft Word file that, once downloaded, fetches malware: the likely goal, say the two companies, is to trick high-profile Uyghurs inside China and Pakistan into opening a back door to their computers.

Screenshot source: Check Point

“We believe that these cyber-attacks are motivated by espionage, with the endgame of the operation being the installation of a back door into the computers of high-profile targets in the Uyghur community,” said Lotem Finkelstein, head of threat intelligence at Check Point, in a statement. “The attacks are designed to fingerprint infected devices, including all of [their] running programs. From what we can tell, these attacks are ongoing, and new infrastructure is being created for what look like future attacks.”

Hacking is a frequently used weapon in Beijing’s arsenal, and particularly in its ongoing genocide against Ugyhurs, which uses cutting-edge surveillance both in the real world and online. Recent reporting by MIT Technology Review shed new light on another sophisticated hacking campaign that targeted members of the Muslim minority.

In addition to pretending to be from the United Nations, the hackers also built a fake and malicious website for a human rights organization called the “Turkic Culture and Heritage Foundation,” according to the report. The group’s fake website offers grants—but in fact, anybody who attempts to apply for a grant is prompted to download a false “security scanner” that is in fact a back door into the target’s computer, the researchers explained.

“The attackers behind these cyber-attacks send malicious documents under the guise of the United Nations and fake human rights foundations to their targets, tricking them into installing a backdoor to the Microsoft Windows software running on their computers,” the researchers wrote. This allows the attackers to collect basic information they seek from the victim’s computer, as well as running more malware on the machine with the potential to do more damage. The researchers say they haven’t yet seen all the capabilities of this malware.

The code found in these attacks couldn’t be matched to an exact known hacking group, said the researchers, but it was found to be identical to code found on multiple Chinese-language hacking forums and may have been copied directly from there.

Deep Dive

Computing

Linux hack concept
Linux hack concept

The US military wants to understand the most important software on Earth

Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted

Close up of worker inspecting chip in a clean room
Close up of worker inspecting chip in a clean room

Corruption is sending shock waves through China’s chipmaking industry

The arrests of several top semiconductor fund executives could force the government to rethink how it invests in the sector.

inflection point post-NSO concept
inflection point post-NSO concept

The hacking industry faces the end of an era

But even if NSO Group is no more, there are plenty of rivals who will rush in to take its place. And the same old problems haven’t gone away.

The Western Union Building, 60 Hudson Street, c. 1931.
The Western Union Building, 60 Hudson Street, c. 1931.

Energy-hungry data centers are quietly moving into cities

Companies are pushing more server farms into the hearts of population centers.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.