Uyghur Diaspora Group Targeted with Remote Surveillance Malware
NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY:
Senior members of the World Uyghur Congress (WUC) were targeted by a sophisticated spear phishing campaign aimed at deploying surveillance malware. The attack, discovered in March 2025, involved a trojanized version of a legitimate Uyghur language text editor. The malware enabled remote surveillance, collecting system information and allowing file manipulation. The campaign's infrastructure consisted of two distinct command-and-control clusters, with domains impersonating the legitimate tool's developer. While not technically advanced, the operation demonstrated a deep understanding of the Uyghur community and likely aligns with Chinese government interests. The targeting of exiled Uyghur representatives highlights the ongoing cyber threats faced by diaspora groups.
OPENCTI LABELS:
spear phishing, remote access, surveillance, uyghur, trojanized application, uyghureditpp backdoor