“Today, we are sharing actions we took against a group of hackers in China known in the security industry as Earth Empusa or Evil Eye – to disrupt their ability to use their infrastructure to abuse our platform, distribute malware and hack people’s accounts across the internet. They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey, Kazakhstan, the United States, Syria, Australia, Canada and other countries,” said the company’s head of Cyber Espionage Investigations Mike Dvilyanski and Head of Security Policy Nathaniel Gleicher.
Facebook said it found that the Chinese firms Beijing Best United Technology Co., Ltd. (Best Lh) and Dalian 9Rush Technology Co., Ltd. (9Rush), are behind some of the Android malware used by the hackers.
The firm disrupted the Chinese hackers’ operation by blocking malicious domains from being shared on its platform, took down the group’s accounts and notified the targeted individuals.
“This group used fake accounts on Facebook to create fictitious personas posing as journalists, students, human rights advocates or members of the Uyghur community to build trust with people they targeted and trick them into clicking on malicious links,” it added.
Facebook security experts work to find and stop a wide range of threats including cyber espionage campaigns, influence operations and hacking of their platform by nation-state actors and other groups.
As part of these efforts, their teams disrupt adversary operations by disabling them.
This story has been published from a wire agency feed without modifications to the text. Only the headline has been changed.