Hackers Target Uyghur Groups

The Chinese government is suspected of the infected email attack.

2012.09.06
china-internet-security-305.jpg A Chinese security official monitors computer screens in Beijing, Nov. 16, 2007.
AFP

More than 10 exile Uyghur associations have suffered a viral hacking attack, one of the groups said Thursday, blaming the Chinese government for the blitz.

Dolkun Isa, executive committee chairman of the Munich-based World Uyghur Congress (WUC), said that his organization’s website had been crippled in recent days—though the site has since been functioning normally—and that its servers had been forced to distribute fake emails targeting activists from related organizations.

“More than 10 organizations have been affected by the recent virus,” Isa told RFA, adding that he had reason to believe that the attack was state-sponsored and had originated from China.

“It is likely related to the upcoming executive committee meeting,” he said, during which the WUC will discuss the ongoing situation in the Xinjiang Uyghur Autonomous Region—where many Uyghurs chafe under Chinese rule—and the group’s future organizational strategy.

The WUC Executive Committee Meeting is scheduled to be held Sept. 21-23 in Amsterdam.

He said fellow activists and colleagues from outside the WUC who would not normally be sent an invitation had been receiving infected emails regarding the event.

Earlier on Thursday, the WUC had released a statement warning of a “recent rise of emails purportedly sent from the WUC aimed at tricking recipients into opening infected attachments.”

It said that “at least four” different emails had been identified that were “targeting Uyghur activists, colleagues and friends from other NGOs [nongovernmental organizations] and international organizations.”

“In view of many similar attacks in the past and the sophistication of these fake emails, the WUC believes that the infected emails are state-sponsored efforts by China to disrupt the work of the WUC,” the statement said.

It said the emails were being sent from addresses that exhibited “minor alterations” from real WUC addresses and contained information related to the group’s current work.

“These fake emails therefore illustrate a particularly worrying trend by China to specifically monitor the WUC and other Uyghur organizations with the sole purpose of disrupting peaceful activism to secure and promote the fundamental human rights of Uyghurs in [Xinjiang] and abroad,” the statement said.

“In doing so, China is exporting its efforts to curtail alternate discourse to that of official narrative.”

Activists targeted

The WUC noted that Chinese human rights activists, including those from the Uyghur and Tibetan ethnic minorities, have been the target of several incidents of cyber attacks in the past—particularly around the time of sensitive anniversaries of mass protests against Chinese rule.

The WUC sustained a crippling distributed denial of service (DDoS) attack in June and July of 2011, around the time of the second anniversary of the July 5 government crackdown on Uyghur protesters in the Xinjiang capital Urumqi.

A DDoS attack attempts to flood a server or system with so much data that it becomes difficult or impossible to reach for legitimate traffic due to the overload.

According to the WUC, the 2011 attack blocked office phone lines and mobile phone numbers via repeated incoming calls and thousands of emails being sent to WUC accounts over a two-day period, rendering them inaccessible.

In June this year, Russian firm Kapersky Lab discovered a Mac-based Trojan attack targeting Uyghur rights groups which involved emails written in Uyghur carrying ZIP files which would open a backdoor intended to connect command and control servers located in China.

The file would allow attackers to list and transfer files, in addition to executing commands on the infected machine.

Dolkun Isa condemned the recent attack, which he said was part of a concerted effort by Chinese authorities to silence the Uyghur community outside of the country.

“The Chinese government must stop these types of personal attacks on Uyghur organizations, which they have incorrectly accused of carrying out terrorist activities,” he said.

China has accused exile Uyghur activists of inciting terrorism in Xinjiang and has exerted diplomatic pressure to prevent other WUC meetings, the group has said.

Uyghurs say they are subjected to political control and persecution for seeking meaningful autonomy in their homeland and are denied economic opportunities stemming from Beijing's rapid development of the troubled region.

In August last year, China rejected suggestions that it was behind a massive cyber spying initiative reported earlier that month by security firm McAfee.

McAfee said in a report titled "Operation Shady RAT" that hackers compromised computer security at more than 70 global organizations, including the U.N. and U.S. government bodies.

The report sparked speculation that China was behind the hacking, although cyber attacks often cannot be definitively attributed to a specific entity or government.

Reported by Joshua Lipes.

POST A COMMENT

Add your comment by filling out the form below in plain text. Comments are approved by a moderator and can be edited in accordance with RFAs Terms of Use. Comments will not appear in real time. RFA is not responsible for the content of the postings. Please, be respectful of others' point of view and stick to the facts.