The iPhone-Hacking Sites Google Found Apparently Went After Android and Windows Users Too https://t.co/iYc1aToerG

— The Cyber Security Hub (@TheCyberSecHub) September 2, 2019

The iPhone-Hacking Sites Google Found Apparently Went After Android and Windows Users Too https://t.co/Hjx3oSLzoX#Cybersecurity #cybercrime #cyberattacks #hacker #hack #breach #phishing #dos #ransomware #malware #virus #apt #pii #nist #fcc #finra #hipaa #pci pic.twitter.com/jH8LOJYQOF

— Rich Tehrani (@rtehrani) September 1, 2019

The iPhone-Hacking Sites Google Found Apparently Went After Android and Windows Users Too https://t.co/bW45l8osto

— ᴛʀᴜᴛʜ ᴡʀɪᴛᴇʀ (@WritesTruths) September 2, 2019

Massive #iPhone #Hack Targeted 1 Billion Users And The Culprit Is A Nation State Actor https://t.co/GDLeAnxHxU #China #Privacy #Surveillance #Hacking #BigBrother #BraveNewWorld

— Nikola Danaylov (@singularityblog) September 2, 2019

Timeline:

- Google’s Project Zero blogs legit iOS exploit but with no context.

- Story gets re-blogged, people get panicked.

- TechCrunch finds out it was targeted at the Uyghur community in Xinjiang, China.

- Forbes finds out it targeted Android and Windows too.

WTF PZ? https://t.co/Tx9Bb8vrKM

— Rene Ritchie (@reneritchie) September 1, 2019

This scoop — that the massive hack exploiting multiple zero-day iOS vulnerabilities was likely a state-sponsored Chinese surveillance program — is utterly believable. https://t.co/O5sb4DLzbA

— Greg Greene (@ggreeneva) August 31, 2019

Google blog post didn’t say how they found the infected website(s) using the iOS zero-days. But I’m sitting here thinking, again, that after $127B in annual InfoSec spending, it was an advertising platform that found it... and not a security vendor. Threat intel or otherwise.

— Jeremiah Grossman (@jeremiahg) August 30, 2019

But I thought iPhones were perfect? New iPhone Hack Shock As China Blamed For Devastating Attack: Report via @forbes https://t.co/Dn75A9hUbI

— Peter Pham (@peterpham) September 2, 2019

I'm going to be the odd one here and say this isn't right. So far China has had complete control of the Uyghurs using physical means and coercion. Their entire lives are controlled so why go this route when you will get burned (china doesn't like people knowing internal stuff)

— Daniel Cuthbert (@dcuthbert) September 1, 2019

Update: rumor is it was China targeting Uighur Muslims. An authoritarian government targeting dissidents was the most likely explanation, though my first guess would have been a gulf state. https://t.co/VQmguTPVxk

— MalwareTech (@MalwareTechBlog) September 1, 2019

Ok, so back to infosec now: @zackwhittaker published a s story claiming those ZOMG iOS 0day chains were being used by the Chinese government to target Uyghur muslims. There are doubters, but his story lines up with what I've heard as well. Just sayin'..https://t.co/4K6mSINYVr

— Patrick Gray (@riskybusiness) September 2, 2019

This TechCrunch article on new developments related to the iPhone hacks via malicious websites is a well-written piece. Genuine reporting. No sensational boilerplate language about Apple. No hidden agenda. https://t.co/6CPJfv9wFM

— Neil Cybart (@neilcybart) September 1, 2019

So China targeting specific religious groups with powerful multiple zero day exploits. Does anyone else smell bullshit? Google PLA Unit 61398 https://t.co/5It1xTBP7a

— Root ?Derbycon (@rootsecdev) September 2, 2019

So the iOS hacking campaign revealed last week affected Android and Windows devices as well — but somehow, the coverage induced by Google’s announcement only touched on the iOS bit.

Odd. (h/t @jkohlmann, @zackwhittaker) https://t.co/PWm7xGbSj5

— Greg Greene (@ggreeneva) September 1, 2019

And now @forbes reports:

“Google’s and Microsoft’s operating systems were targeted via the same websites that launched the iPhone hacks, according to the sources, who spoke on the condition of anonymity.”

Project Zero lacked so much context it became a social attack itself. https://t.co/VL11X6aQH0

— Rene Ritchie (@reneritchie) September 1, 2019

If CCP is using redirected "watering holes" to upload malware into Uighur phones for iOS, Android & Windows, it is likely that CCP will redirect HK'ers to HK-centric watering holes.
Forbeshttps://t.co/ae8eImLyEh
TechCrunchhttps://t.co/e4KxcNslyJ

— Wai Sing-Rin (@waisingrin) September 2, 2019

Implant Teardown

The implant has access to all the database files (on the victim’s phone) used by popular end-to-end encryption apps like Whatsapp, Telegram and iMessage. https://t.co/DHGjL7gWtt

— 以色列Israel*Nadal纳达尔 (@perito_inf) August 31, 2019

I cannot find anywhere in this article *any* sourcing for the assertion the hack was by China, or to target Uyghur Muslims.

* Did someone on Project Zero *say* that? Not in the article.
* Was there some content in the notice which *says* that?

Where did you get this from?

— Robert Rutledge (@rerutled) September 1, 2019

Uyghur muslims, the poortest ethnic group in China, running around with shinny new iPhones? Plus they are already under heavy surveillance.

The Chinese already make them install spyware by force. See 2017 story: https://t.co/pQZBfY4N4u https://t.co/n7cgVyI0NV

— Matt Suiche (@msuiche) September 2, 2019

The iOS zero-day exploit was real, Google’s report was bogus https://t.co/AABNjvV23g pic.twitter.com/IqE9ehcsMp

— Philip Elmer-DeWitt (@philiped) September 2, 2019

China believed to have used iPhone exploits to track Uyghur Muslims https://t.co/X2hZs9nH0m
#Security #Cybersecurity #Hackers #Cyberattacks #CSO #Cyber #Infosec #Datasec #CISO

— Evan Kirstel (@evankirstel) September 2, 2019

China believed to have used iPhone exploits to track Uyghur Muslimshttps://t.co/oRAxMIYew1

— Atheist Republic (@AtheistRepublic) September 2, 2019

Sites stealing iPhone data reportedly targeted Uyghur Muslims - Engadget https://t.co/4XW2oNljPf via @GoogleNews

— Joseph Brown (@Joseph_M_Brown) September 1, 2019

How many Uygurs were tortured as a proximate effect of memory safety vulnerabilities? https://t.co/ZwwHetxHwZ

— Stephen Judkins (@stephenjudkins) September 2, 2019

The surveillance state has taken new measures in monitoring Uyghur Muslims of Xinjiang.#Uyghur #China #HumanRightshttps://t.co/CgCIiNPE0B

— Free Tibet (@freetibetorg) September 2, 2019

China targeted Uyghurs in East Turkistan by exploiting iPhone security flaws allowing hackers to access messages, passwords, and track their location.https://t.co/V9D9A69krt

— WorldUyghurCongress (@UyghurCongress) September 2, 2019

TechCruch reports that iPhone watering hole attacks targeted China's Uyghur minority https://t.co/vLr8TeNknj while Forbes adds that the same group was also targeted with Android and Windows malware https://t.co/UtchGx2tJ8 pic.twitter.com/e65kYtd9yz

— Virus Bulletin (@virusbtn) September 2, 2019

Sources say China used iPhone hacks to target Uyghur Muslims – TechCrunch https://t.co/U1mZUPGLPA

— AhmetÖzuygur (@ozuyguroglu) September 2, 2019

Exclusive: Malicious websites used to quietly hack into iPhones over the past two years was an effort by China to target Uyghur Muslims. https://t.co/mARHw5bZDp

— Zack Whittaker (@zackwhittaker) August 31, 2019

That iOS hack was apparently a state sponsored attack by the Chinese government @zackwhittaker says https://t.co/dvPe4cyiIP

— Max Chafkin (@chafkin) September 2, 2019

So it seems that the Uyghur Muslims are doing better than most Americans since they can afford iPhone. And the “concentration camps” are definitely better than those at the southern borders of USA since they have mobile coverage. May be 5G too? Joke! https://t.co/z3ule3ymqH

— Hong-Eng Koh (高宏荣) (@he_koh) September 2, 2019

Actually I did mix the articles up (been reading to many on them) @zackwhittaker actually wrote it in tech crunch https://t.co/odPVlyPXiT

— Chase Dardaman ? DerbyCon (@CharlesDardaman) September 2, 2019

Sources say China used iPhone hacks to target Uyghur Muslims https://t.co/JOmKabnUVQ

— Sam Bowne (@sambowne) September 1, 2019

Sites stealing iPhone data reportedly targeted Uyghur Muslims https://t.co/rpbvXO22Id pic.twitter.com/MIArXxQqaG

— #AI (@AI__TECH) September 2, 2019

Update: rumor is it was China targeting Uighur Muslims. An authoritarian government targeting dissidents was the most likely explanation, though my first guess would have been a gulf state. https://t.co/VQmguTPVxk

— MalwareTech (@MalwareTechBlog) September 1, 2019

Sources say #China used iPhone hacks to target #Uyghur #Muslims. #SaveUyghur #CloseTheCampshttps://t.co/4NRRuHTKN9

— Arslan Hidayat (@arslan_hidayat) September 1, 2019

Sources say China used iPhone hacks to target Uyghur Muslims – @TechCrunch https://t.co/PWRFgmVKK3

— Uyghur Bulletin (@UyghurBulletin) September 1, 2019

소식통: 프로젝트 제로가 최근 백서로 올린 iOS 헛점 배포 사이트는 위구르 자치구의 무슬림 감시를 위해 사용했다는 정황. FBI가 해당 사이트를 구글 검색 인덱스에서 지워줄 것을 요청했다고도. 탈취 데이터 중 중국서 주로 사용하는 프로그램이 포함되어 있기도 하고요. https://t.co/vchCInCNX0

— 나가토 유키 (@nagato708) August 31, 2019

"A number of malicious websites used to hack into iPhones over a two-year period were targeting Uyghur Muslims, @TechCrunch has learned," writes @zackwhittaker https://t.co/NtzXwMhtZH

— Privacy Project (@PrivacyProject) September 1, 2019