Security News > 2020 > April > Chinese Threat Actor Targets Uyghurs With New iOS Exploit
A Chinese threat actor tracked as Evil Eye has updated the tools it uses to target Uyghurs, a minority Turkic ethnic group in the Xinjiang Uyghur Autonomous Region in Northwest China, incident response and threat intelligence firm Volexity reports.
Starting January 2020 the threat actor resumed operations, with signs of activity identified "Across multiple previously compromised Uyghur websites."
As part of the new attacks, Evil Eye launched an exploit chain using the open source framework IRONSQUIRREL, targeting iOS devices to abuse a WebKit vulnerability that was patched in the summer of 2019.
Successful exploitation of vulnerable systems results in a new version of the threat actor's implant being delivered, which Volexity refers to as INSOMNIA. The security firm says it observed multiple different attacks installing the implant on iOS devices.
The researchers also suggest the threat actor might have a method for manually gaining persistence on verified targets.