Facebook stops Chinese hacking operation targeting Uyghurs living abroad

In March 2021, Facebook announced that it had found a hacking operation targeting “activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad.” The hackers behind the operation belonged to a group known as Earth Empusa or Evil Eye based in China. They attempted to gain access to the victims’ computers and phones by creating fake Facebook accounts, as well as websites and apps intended to appeal to a Uyghur audience. In some cases, the hackers created lookalike websites almost identical to legitimate news sites popular with Uyghurs. Facebook did not directly attribute the operation to the Chinese state but said that it was “well-resourced and persistent,” hinting at nation-state backing. In addition, Evil Eye’s long track-record of going after diaspora groups of interest to the CCP, notably Uyghurs and Tibetans, strongly suggests Chinese state involvement.

About This Incident

Incident Metadata

Date: March 2021
Country: United States