Collaborate Disseminate
Brookings researchers conducted their study over 120 days.
The post Chinese state media propaganda found in 88% of Google, Bing news searches appeared first on CyberScoop.
Continue reading Chinese state media propaganda found in 88% of Google, Bing news searches
President Joe Biden on Thursday signed an executive order that expands restrictions on U.S. investments in the Chinese defense sector and takes aim at the export of Chinese surveillance technologies. Building on a Trump administration order, the new directive expands to 59 the list of Chinese companies that Americans are barred from investing in. The order, the White House said, will also give U.S. officials greater leeway in addressing the threat of Chinese surveillance technology that is used to repress religious or ethnic groups inside and outside of China. The directive allows the U.S. “to prohibit – in a targeted and scoped manner – U.S. investments in Chinese companies that undermine the security or democratic values of the United States and our allies,” the White House said in a statement. Several Chinese technology firms have been implicated in the Chinese government’s mass detention of Uyghurs, a mostly Muslim minority group whose […]
The post White House executive order further restricts investments in Chinese surveillance technology appeared first on CyberScoop.
Researchers say that suspected Chinese hackers are posing as the United Nations and a fake human rights organization in an ongoing campaign to target Uyghurs, an ethnic group that’s repeatedly been on the receiving end of surveillance and cyberattacks this year. “We believe that these cyber-attacks are motivated by espionage, with the end-game of the operation being the installation of a backdoor into the computers of high-profile targets in the Uyghur community,” said Lotem Finkelsteen, head of threat intelligence at Check Point, which published the research on Wednesday along with fellow security firm Kaspersky. Researchers observed targeting of the Turkic ethnic group in China, Pakistan and China’s Xinjiang Uyghur Autonomous Region. In one attack method, the hackers use malicious documents bearing the name of the United Nations Human Rights Council. They also erected a website for a non-existent Turkic Culture and Heritage Foundation, luring would-be grant applicants to download a […]
The post Possible Chinese hackers pose as UN, human rights group to eavesdrop on beleaguered Uyghur population appeared first on CyberScoop.
The intelligence community made its most direct public attribution yet that Russia was behind weaving malicious code into a SolarWinds software update to facilitate a sweeping espionage operation, impacting hundreds of companies and U.S. federal agencies. The intelligence community said Russia was behind the software supply chain hack in the intelligence community’s Annual Threat Assessment, which the Office of the Director of National Intelligence released Tuesday. “A Russian software supply chain operation against a US-based IT firm exposed approximately 18,000 customers worldwide, including enterprise networks across US Federal, state, and local governments,” the assessment notes, without naming SolarWinds. The intelligence community under the Trump administration had only previously stated that the operation was “likely” Russian in origin. The publication of the threat assessment coincides with President Joe Biden’s call with Russian President Vladimir Putin Tuesday, during which Biden “made clear that the United States will act firmly in defense of […]
The post U.S. intelligence community details destructive cyber capabilities, growing influence threats appeared first on CyberScoop.
Facebook on Wednesday exposed what it said was a long-running hacking campaign targeting Uighurs living around the world and supported by Chinese technology firms. The scheme was aimed at journalists and dissidents, and affected Uighurs living in places like as far-flung as U.S., Turkey and Australia. It involved fake Facebook personas duping targets into clicking on links, as well as malicious Android and iOS software, Facebook said. Facebook said it’s aware of less than 500 people whom the campaign targeted. Facebook’s investigators traced the Android malware developers in the hacking campaign to Chinese firms Beijing Best United Technology and Dalian 9Rush Technology. Neither could be reached for comment on Wednesday. China has a history of allegedly using front companies as cover for its hacking operations. The hacking campaign began as far as back as 2019, and Facebook executives said they expected the attackers to continue their spying efforts. It’s only […]
The post China-based hackers used front companies to hack Uighurs, Facebook says appeared first on CyberScoop.
Continue reading China-based hackers used front companies to hack Uighurs, Facebook says
A newly revealed set of mobile hacking tools adds to the extensive picture of Chinese government surveillance aimed at the country’s Uighur minority. Like Android-focused surveillance kits before them, the malicious software is capable of stealing sensitive data on target phones and turning them into listening devices, according to mobile security firm Lookout, which made the discovery. Some of the hacking tools have been in use for more than five years, but Lookout pieced them together into a vast spying effort tied to the Chinese government, underscoring the pervasive nature of the surveillance and the challenges of uncovering all of it. “Our research found that there are eight malware families meant to stealthily spy on this ethnic minority at the minimum, with some of them expanding even more broadly in their targeting,” said Kristin Del Rosso, Lookout’s senior security intelligence engineer. One of those malware families was cover in a 2013 report from the […]
The post Chinese mobile surveillance of Uighurs more pervasive than previously thought, researchers say appeared first on CyberScoop.
Chinese government-linked hackers are monitoring mobile text messages of specific users, and for certain keywords as part of a new surveillance campaign meant to track individuals in a vast trove of telecommunication data, according to findings published Thursday. APT41, a group that carries out state-sponsored cyber-espionage on Beijing’s behalf, this summer compromised an unnamed telecommunications provider to monitor the messaging activity of high-ranking individuals of interest to the Chinese government, according to FireEye. Chinese hackers primarily have been scanning for military or intelligence keywords, tracking how subjects are reacting to protests, such as those in Hong Kong, and analyzing victims’ opinions of world leaders, Steve Stone, advanced practices director at FireEye, told CyberScoop. During the same intrusions into the unnamed phone company, APT41 also sought individuals’ records from call detail record (CDR) databases, which provide metadata such as the time the calls were made, the phone numbers involved, and the length of the […]
The post A Chinese hacking group breached a telecom to monitor targets’ texts, phone metadata appeared first on CyberScoop.
State-backed hackers from China and Iran have long been spying on their country’s political dissidents using mobile malware, but new research from BlackBerry’s Cylance shows these same nation-state hackers — including groups that have previously been unknown — are using the malware to also spy on targets abroad. “It’s … worth expanding our notion of the typical target of the Chinese government: malware meant for targets of interest … for domestic reasons may very well end up inside a Western business,” Cylance researchers write in a blog post. Chinese hackers, for instance, have been using mobile malware to spy on the Uighur and Tibetan population in recent months through iOS and Android malware. But while Volexity, the firm behind the Uighur population’s surveillance research, has previously said there were “possible ties” between the two campaigns, Cylance links both to one actor. Cylance claims Winnti, a Chinese APT group better known for its targeting […]
The post Cylance: More and more APT groups are relying on mobile malware to track dissidents appeared first on CyberScoop.
Continue reading Cylance: More and more APT groups are relying on mobile malware to track dissidents
The U.S. Commerce Department made moves Monday to limit the activities of eight Chinese companies in the U.S., citing human rights abuses and surveillance against Uighurs and other Chinese Muslim minorities. The department said it is adding the companies to its Entity List, which identifies people, businesses or other organizations for “engaging in activities contrary to U.S. national security and/or foreign policy interests.” Although the department names human rights abuses as the primary concern in its latest action, some of the eight companies have also come under federal scrutiny in recent months for security issues. Just two months ago the Trump administration issued a rule to bar federal purchases of telecommunications equipment from two of the companies added to the list this week, Hangzhou Hikvision Digital Technology Co. Ltd., a former Chinese government research arm, and Dahua Technology. Those earlier moves were done in accordance with the 2019 National Defense Authorization Act. Another company added to the Entity List this week, Xiamen […]
The post Trump administration looks to throttle Chinese surveillance companies’ business with U.S. appeared first on CyberScoop.
Apple doesn’t like what Google has been saying about Apple. The iPhone-maker released a surprise statement on Friday refuting assertions from Google’s Project Zero researchers, who last week revealed how hackers had exploited five chains of iOS vulnerabilities to spy on “thousands” of users. The high-profile report by Google did not identify the victims, but claimed those targeted were vulnerable for years if they simply visited an infected website. In its response, Apple described the attack as “narrowly focused,” rather than the kind of “en masse” targeting described by the Project Zero researchers. Apple confirmed that the hacking activity was aimed at the Uighur community, a Muslim population under mass surveillance by the Chinese government, and said the campaign involved fewer than a dozen websites. Apple said the attacks were “only operational” for two months, rather than two years. The statement takes issue with the scope and volume of Google’s findings, but does […]
The post ‘Indiscriminate’ iOS hacking was relatively limited, Apple says. Try telling that to the Uighur population. appeared first on CyberScoop.