A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices.
Dubbed Poison Carp by University of Toronto’s Citizen Lab, the hacking group behind this campaign sent tailored malicious web links to its targets over WhatsApp, which, when opened, exploited web browser and privilege escalation vulnerabilities to install spyware on iOS and Android devices stealthily.
“Between November 2018 and May 2019, senior members of Tibetan groups received malicious links in individually tailored WhatsApp text exchanges with operators posing as NGO workers, journalists, and other fake personas,” the researchers say.
What’s more? The researchers said they found “technical overlaps” of Poison Carp with two recently discovered campaigns against the Uyghur community in China—the iPhone hacking campaign reported by experts at Google and the Evil Eye campaign published by Volexity last month.
Based on the similarities of the three campaigns, researchers believed that the Chinese government sponsors Poison Carp group.