Compromise of websites related to Uighur communities
Date of report
  • September 2019
Affiliations
  • Believed to be the work of at least two unnamed APT groups, including Evil Eye
Multiple threat actors compromised and exploited eleven websites that published news and cultural information related to the Uighur populations in China, particularly the East Turkestan region. The threat actors imitated the domains of Google, the Turkistan Times, and the Uyghur Academy, and used Google applications to gain access to Gmail accounts. Among other sensitive details collected were the hacked devices’ unique identification numbers, phone numbers, locations, central processing unit (CPU) data, and usernames.
Suspected victims
  • China
Suspected state sponsor
  • China
Type of incident
  • Espionage
Target category
  • Civil society