Facebook announced that it managed to stand in the way of a hacker operation that used social platforms to spread malware to iOS and Android devices. The main target was Uyghurs from the Xinjiang region of China, but the action could very easily hit other citizens of the world.
The malware used during the attack was so advanced that it could steal anything stored on infected devices. Security experts have linked the attackers to groups working for the Chinese government, and the malware has been implemented on websites most frequently visited by journalists, activists, and Uighurs living outside China. When it comes to Facebook, the platform was used to share links that would send visitors to compromised sites, and the malware was not shared directly.
The attack group, which is responsible for these and similar attacks, has been targeting iPhones since August 2019, and security experts have given it several names - Earth Empusa, Evil Eye or PoisonCarp. Some of the vulnerabilities used at the time belonged to the zero-days group, which means that they were valuable because they were not known to security researchers.
The Chinese government has denied having anything to do with the attacks, which currently target only members of the Uighur minority, and which could serve as inspiration for some future espionage actions.