Tracking and timelining historic and ongoing People's Republic of China 🇨🇳 malware targeting of Uyghur people

wesinator/ergenekon

  • Any malware information is categorised and grouped using the horizontal axis of the Diamond Model
    • Malware file hashes are standardised on SHA256 (where available)

Timeline and list of activity is not exhaustive

The purpose of this project is

  1. to document the cyberespionage activities of PRC-affiliated adversaries against Uyghur people and organisations
  2. to provide easy links to research containing malware observables, tactics and techniques, mitigations, and additional details that may be of value to at-risk or affected people and organisations

Timeline of activity

| Year | Activity |
|---|---|
| 2009 | The snooping dragon: social-malware surveillance of the Tibetan movement (University of Cambridge) |
| 2012 | May 3 - CVE-2012-0779 World Uyghur Congress Invitation.doc (Contagio Dump) |
| 2012 | New MacOS X backdoor variant used in APT attacks (Kaspersky Labs) |
| 2012 | Ramadan-Themed Email, Spoofed Event Invitation Lead to Malware (Trend Micro) |
| 2013 | Cyber Attacks Against Uyghur Mac OS X Users Intensify (Kaspersky Labs) |
| | https://cybersecurity.att.com/blogs/labs-research/cyber-espionage-campaign-against-the-uyghur-community-targeting-macosx-syst |
| 2013 | New Targeted Attack on Tibetan Activists Using OS X Discovered (Intego) |
| 2013 | Latest Adobe PDF exploit used to target Uyghur and Tibetan activists (Alienvault) |
| 2013 | Flash Exploit Targets Uyghur Website (F-Secure) |
| 2013 | Another Document Targeting Uyghur Mac Users (F-Secure) |
| 2013 | APT #TargetedAttacks within @SocialMedia (ThreatConnect) |
| 2013 - 2016 | Scarlet Mimic: Years-Long Espionage Campaign Targets Minority Activists (Palo Alto Networks) |
| 2013 - 2020 | Multiyear Surveillance Campaigns Discovered Targeting Uyghurs (Lookout Mobile Security) |
| | https://www.nytimes.com/2020/07/01/technology/china-uighurs-hackers-malware-hackers-smartphones.html |
| 2015 - 2018 | HenBox: The Chickens Come Home to Roost (Palo Alto Networks) |
| 2019 | Missing Link: Tibetan Groups Targeted with 1-Click Mobile Exploits (Citizenlab) |
| 2019 | Digital Crackdown: Large-Scale Surveillance and Exploitation of Uyghurs (Volexity) |
| 2020 | Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant (Volexity) |
| | New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa (Trend Micro) |
