A protester from the Uighur community living in Turkey holds an anti-China placard during a protest in Istanbul.Credit:AP
It said the majority of the hackers’ activity occurred away from Facebook and that they used the site to share links to malicious websites rather than directly sharing the malware on the platform.
“This activity had the hallmarks of a well-resourced and persistent operation,while obfuscating who’s behind it,” Facebook cybersecurity investigators said in a blog post.
Loading
Facebook said the hacking group used fake Facebook accounts to pose as fictitious journalists,students,human rights advocates or members of the Uighur community to build trust with their targets and trick them into clicking malicious links that would install spying software on their devices.
It said hackers both set up malicious websites using look-alike domains for popular Uighur and Turkish news sites and compromised legitimate websites visited by the targets. Facebook also found websites created by the group to mimic third-party Android app stores with Uighur-themed apps,like a prayer app and dictionary app,containing malware.
Facebook said its investigation found two Chinese companies,Beijing Best United Technology Co Ltd and Dalian 9Rush Technology had developed the Android tool deployed by the group.