The iPhones and Android phones of Tibetan activists were targeted by hackers pretending to work for Amnesty International
- Hackers targeted Tibetan leaders in an attempt to monitor their devices with spyware throughout the past two years, according to a new report.
- The spyware targeted iOS and Android devices and was designed to infiltrate the phones of users who clicked on a malicious link once.
- Researchers say the hacking attempts appear to be carried out by the same group that previously targeted Uyghur Muslims in China. Previous reports have linked that hacker group to the Chinese government.
- Visit Business Insider's homepage for more stories.
Several Tibetan leaders, including people working for the Dalai Lama and Tibetan government, were targeted by hackers who sent them malicious links on WhatsApp, a new report has found.
The hackers reportedly posed as activists from organizations like Amnesty International and sent Tibetan leaders text messages containing links to malicious code throughout 2018 and 2019. If clicked once, the links had the capacity to install spyware on iPhones and Android devices, the digital rights group Citizen Lab reported on Tuesday.
The hacking attempts were carried out by the same group that previously targeted Uyghur Muslims in China, according to the Citizen Lab's report. Those hacks were publicized by Google researchers last month, and TechCrunch reported that the attack was carried out by a group linked to the Chinese government.
At the time, Google researchers said the one-click hacks targeted iOS devices and that any iPhone user could be vulnerable. Apple downplayed that characterization, stating that they were already in the process of fixing exploits when Google uncovered the attacks and that only a narrow set of users were targeted.
Since then, both companies have rolled out updates to iOS and Android that patched vulnerabilities to the attacks.
None of the Tibetans who clicked on malicious links were compromised because they had already downloaded the software updates protecting their devices, according to The Citizen Lab's report.
The hackers messaged targets pretending to be affiliated with nonprofit organizations like Amnesty International. Hackers claimed to be drafting human rights reports about China, and asked targets to follow links to view supposed photo and video evidence.
In another instance, a hacker pretended to be a New York Times reporter by the name of "Lucy Leung" asked their target to click on a link, claiming it led to a news article.
Researchers observed 17 intrusion attempts against Tibetan targets, and 12 of those included one-click exploit links. In total, more than 140 people clicked on the link that led to iOS spyware, according to the report.
An Apple spokesperson highlighted the fact that no Tibetan targets were affected by malware given that they had already downloaded the patched version of iOS.
"Our customers' data security is one of Apple's highest priorities and we greatly value our collaboration with security researchers like Citizen Lab. The iOS issue detailed in the report had already been discovered and patched by the security team at Apple. We always encourage customers to download the latest version of iOS for the best and most current security enhancements," the Apple spokesperson said in a statement to Business Insider.
A Google spokesperson could not be immediately reached for comment.