The Chinese government used an award-winning iPhone security vulnerability to spy on Uyghur Muslims, giving Beijing complete control over their phones.
The story began in 2017, when the CEO of a large Chinese technology company accused participants from China in global piracy contests of being disloyal.
The founder and billionaire CEO of the Chinese cybersecurity giant Qihoo 360 – one of the most important technology companies in China – has publicly criticized Chinese citizens who have gone abroad to participate in hacking contests.
He said: A good performance in such events is just an imaginary success, and warned that once Chinese hackers display weaknesses in overseas competitions, they can no longer be used.
Instead, he said, hackers should stay in China so they can recognize the true importance and strategic value of vulnerabilities in the software.
And a contest appeared Tianfu Cup For the first time in November 2018, that is, a few months after the state banned cybersecurity research teams from competing in the Pwn2Own hacking competition or any global hacking contests.
The top prize of $ 200,000 went to Qixun Zhao, a Chinese security researcher with Qihoo 360, who offered an exploit that allowed him to easily and reliably control even the latest iPhones.
The complex vulnerability allowed a remote attacker to easily break the iOS 12.1 iPhone X device and control it by visiting a webpage containing malicious code.
And the researcher called the bug Chaos, and show Video clip A proof of concept shows that a successful exploit allows a remote attacker to jailbreak an iPhoneX device, allowing an intruder to access the victim’s data.
According to To report Published by MIT Technology Review, Chinese intelligence used the flaw as a weapon before Apple could solve the problem.
The magazine said: The United States gathered details about how the Chaos iPhone exploit was used to penetrate Uyghur Muslims in China.
Reports in August 2019 stated that the malicious websites used to hack iPhones over the course of two years were targeting Uyghurs.
The magazine said: The United States reached the same conclusion and informed Apple, which was tracking the attack, and came to a conclusion on its own that confirms that the exploitation of Chaos and the attacks against the Uyghurs are coming from one source.
And while giving priority to reform, it was lost Issued Apple had an update to correct the bug in January 2019, and the patch arrived two months after Chaos was unveiled in the Tianfu Cup Chinese hacking competition.
Qixun Zhao categorically denied involvement in spying on Uyghurs via iPhones, and suggested that the vulnerability used against Uyghurs may have been used after the patch was released, but Apple documented how it was used before the January 2019 fix.
It is reported that Chinese law requires citizens and organizations to cooperate with intelligence agencies when required to do so.
Topics of interest to the reader