WhatsApp is Being Used by Hackers to Target Tibetans
Discovered by Canadian cybersecurity firm The Citizen Lab, the attack posts a one-click link to Tibetan individuals to spy, steal data and money from them.
A group of hackers operating under the name ‘Poison Carp’ are believed to be the ones behind a recent stream of one-click link attacks aimed at the Tibetan community. Published by Canadian cybersecurity research firm The Citizen Lab and reported initially by The Hacker News, the Poison Carp attackers operate by sending a one-click link to target individuals by posing as NGO workers, journalists or others.
The end-objective of these attacks include gaining full access to their devices including camera and microphone to carry out nefarious activities, extract contacts, call and location data, and private chats, as well as automatically download malicious plugins on the target devices.
The one-click links are being spread by these attackers through WhatsApp messages, and reportedly exploit multiple Android browser exploits as well as spyware kits. They also appear to be exploiting a phishing vulnerability, in order to steal financial data as well. The suspected attack sources are not entirely unknown, and have already been seen before, including in the massive iOS browser exploit reported by Google.
The report, composed by a team of seven researchers and research fellows at The Citizen Lab, further state that among the prime targets of these attacks, held between November 2018 and May 2019, include the private office of The Dalai Lama, the Central Tibetan Administration and the Tibetan Parliament, among others. While no confirmed links have been found, the pattern of these tools and their coding pattern has led the researchers to believe that the Poison Carp group is actually supported by the Chinese government, leading to suspicions of even more state-sponsored surveillance, cyber sabotage and cyber terrorism.
While the threat is severe enough, it is important to note that the researchers have not found any of the exploits to be zero-day hacks, which in turn signifies that concerned companies such as Google, Apple and WhatsApp would have already released patches to fix the exploits that can lead to the data of these individuals being compromised. As a result, it is highly advisable for anyone, and members of the Tibetan community in particular, to keep their applications and software constantly updated.
Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.
Recommended For You
- OMG! Why is This Actor Holding Captain America's Vibranium Shield?
- Pakistan-Bound Etihad Airbus A320 Plane Collides with Wild Boar on Runway in Islamabad
- Desi Queen Elizabeth ‘Ranting’ About Meghan and Harry is Every Punjabi Mom Ever
- Thailand Masters: Indian Campaign Over on Day 1 as Saina, Srikanth, Sameer and Prannoy Lose in Round 1
- Udaipur Man Names his Son 'Congress', Hopes His Son Will Join the Party in the Future