A Chinese hacking group has been found leveraging a new exploit chain against iOS devices to install a spyware implant targeting the Uyghur Muslim minority in China’s autonomous region of Xinjiang.
The findings, published by digital forensics firm Volexity, reveal that the exploit — named “Insomnia” — works against iOS versions 12.3, 12.3.1, and 12.3.2 using a flaw in WebKit that was patched by Apple with the release of iOS 12.4 in July 2019.
Volexity said the attacks were carried out by a state-sponsored hacking group it calls Evil Eye, the same threat actor that it said was behind a series of attacks against the Uyghurs last September following a bombshell disclosure by Google’s Project Zero team.
Watering Hole Attacks Targeting Uyghur Websites
The malware campaign previously exploited as many as 14 vulnerabilities spanning from iOS 10 all the way through iOS 12 over a period of at least two years via a small collection of malicious websites that were used as a watering hole to hack into the devices.
According to Volexity, Insomnia was loaded onto users’ iOS devices using the same tactic, granting the attackers root access and thereby allowing them to steal contact and…