Recent iPhone Hack May Have Been State-Backed Campaign Targeting Chinese Uyghur Muslim Minority

A recent massive iPhone hack discovered by Google researchers may have been a campaign to target Uyghur Muslims, an oppressed ethnic minority living in China.

Apple’s iPhone has long been considered one of the most challenging devices to hack, in part because it’s usually done by highly sophisticated groups targeting an individual. But a group of Google researchers discovered that, for two years, someone has been indiscriminately hacking thousands of iPhones just by getting their owners to visit a website.

Now, a new report from TechCrunch explains that a number of these malicious websites that were reported to have been secretly hacking into iPhones over a two-year period were in fact targeting Uyghur Muslims in China’s autonomous region of Xinjiang.

The Uyghurs are a mostly Muslim and heavily-surveilled minority living in China’s Xinjiang region. Chinese authorities have detained somewhere between 1 and 2 million Uighur people in prison camps, describing it as a counter-terrorism measure.

“Sources familiar with the matter said the websites were part of a state-backed attack — likely China — designed to target the Uyghur community in the country’s Xinjiang state,” reads the report.

“It’s part of the latest effort by the Chinese government to crack down on the minority Muslim community in recent history,” TechCrunch continues. “In the past year, Beijing has detained more than a million Uyghurs in internment camps, according to a United Nations human rights committee.”

The malicious websites, discovered by Google’s Project Zero, deployed a monitoring implant onto any visitor with an iPhone and would begin stealing files and the user’s live location data. An infected iPhone’s messages and passwords would be harvested as well.

“The websites were part of a campaign to target the religious group by infecting an iPhone with malicious code simply by visiting a booby-trapped web page,” reads the report.

Although the Uyghur community was allegedly the target, Google says the attackers appeared to have “no target discrimination” and likely infected thousands of visitors every week.