Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Threat Management, Threat Intelligence, Threat Management, Threat Management, Malware, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Reports say China devised iPhone malware campaign to track Muslims; Android and Windows devices also targeted

A recently exposed malware campaign that used watering-hole attacks to target iPhone users for more than two years was reportedly part of an effort to track Uyghur Muslims based in China's Xinjiang state.

The campaign was actually broader than originally thought, and attempted to infect Android and Microsoft Windows devices as well, reports are also stating.

Citing sources with knowledge of the matter, TechCrunch this past weekend reported the campaign is the work of a state actor -- most likely the Chinese government, which for years has sought to keep close tabs on its Uyghur minority group.

Forbes would then later confirm TechCrunch's findings, while also reporting that the campaign was also designed to infect Android devices and Windows PCs. A Microsoft spokesperson reportedly told Forbes that the research team that discovered and publicized the malware operation "was very specific in its blog post that the recently publicized attacks used unique iPhone exploits and they have not disclosed similar information to us." Google, meanwhile, did not provide any comment regarding its Android OS.

It was researchers at Google’s Project Zero who last week revealed the iPhone portion of the malware operation, which attempted to infect device users with a malware implant, using exploits delivered via a small number of compromised websites. Altogether, Google’s Threat Analysis Group (TAG) found five distinct iPhone exploit chains covering versions iOS 10 through the latest version of iOS 12.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.