On 2 September 2019, cyber security firm Volexity reported that hackers based in China had targeted the iPhones and Android devices of Uyghurs living abroad. The hackers compromised news websites popular with the Uyghur diaspora. The compromised websites would infect visitors’ devices with malicious code, granting the hackers access to the victim’s email, passwords, or real-time location. Volexity’s report states that at least two Chinese APT groups, including one known as Evil Eye, were behind the operation. According to TechCrunch, sources familiar with the matter thought the attack was state-backed, likely by the Chinese government. Later in September 2019, the digital rights group Citizen Lab reported that Evil Eye had used similar tactics to target the Tibetan diaspora between November 2018 and May 2019.
Chinese hacking group targets Uyghur and Tibetan diaspora’s smartphones