- The iPhone ‘watering hole’ malware-infecting operation wasn’t targeting solely iOS devices after all, as per a newly released report.
- Unnamed sources point to the Chinese state, and claim that Uyghur Muslims were the primary target.
- The Uyghur ethnic group has been under various forms of persecution in China in recent years.
After last week’s revelation about a set of ‘watering hole’ websites that were targeting iPhones running all versions of iOS, the first signs of who was behind the operation have started to come to light. The initial discovery was the work of Google’s Project Zero researchers, and their description of how data was exfiltrated from the infected devices indicated that users could very easily have noticed nothing, even after years of being spied upon. With the operation making headlines all over the Web, more details about it have now surfaced on Forbes.
The newly published report says that the operation targeted not only iOS devices but also Android devices and Windows PCs. This means that there are plenty more victims than initially anticipated. Secondly, it looks like the operation was supported by China, and the main target was the community of Uyghur Muslims living in the Xinjiang state. This is a minority Turkic ethnic group that has been vigorously targeted by the Chinese state in the past few years. Back in July, we saw how Chinese state spyware that was forcibly installed onto the devices of all visitors entering the Xinjiang territory was searching for Islamic state documents, jihadi anthems, and even Quran verses. It is obvious that the Chinese regime isn’t fond of Muslims and automatically qualifies them as a problem for the state.
All that said, the unnamed websites that were used in this mass surveillance operation must be related to the targeted ethnic group, possibly featuring content relevant to their religion and culture. TechCrunch dug deeper into the matter and confirmed that the FBI knew about the malicious nature of some of these domains, and had informed Google so that it would remove them from its index in order to protect people from getting infected with spyware. Remember, these websites were indiscriminately infecting anyone who visited them, and not just Uyghurs. While the websites remain unknown to the public, the main takeaway from this story is that no one is safe when browsing the web, no matter the operating system they’re using.