A number of malicious websites used to hack into iPhones over a two-year period were targeting Uyghur Muslims, TechCrunch has learned. Sources familiar with the matter said the websites were part of a state-backed attack — likely China — designed to target the Uyghur community in the country’s Xinjiang state. It’s part of the latest effort by the Chinese government to crack down on the minority Muslim community in recent history. In the past year, Beijing has detained more than a million Uyghurs in internment camps, according to a United Nations human rights committee. Google security researchers found and recently disclosed the malicious websites this week, but until now it wasn’t known who they were targeting. The websites were part of a campaign to target the religious group by infecting an iPhone with malicious code simply by visiting a booby-trapped web page. In gaining unfettered access to the iPhone’s software, an attacker could read a victim’s messages, passwords, and track their location in near-real time. Apple fixed the vulnerabilities in February in iOS 12.1.4, days after Google privately disclosed the flaws. News of the hacking campaign was first disclosed by this week. These websites had “thousands of visitors” per week for at least two years, Google said. But it’s not immediately known if the same websites were used to target Android users. Victims were tricked into opening a link, which when opened would load one of the malicious websites used to infect the victim. It’s a common tactic to target phone owners with spyware. One of the sources told TechCrunch that the websites also infected non-Uygurs who inadvertently accessed these domains because they were indexed in Google search, prompting the FBI to alert Google to ask for the site to be removed from its index to prevent infections. A Google spokesperson would not comment beyond the published research. A FBI spokesperson said they could neither confirm nor deny any investigation, and did not comment further. Google faced some criticism following its bombshell report for not releasing the websites used in the attacks. The researchers said the attacks were “indiscriminate watering hole attacks” with “no target discrimination,” noting that anyone visiting the site would have their iPhone hacked. But the company would not say who was behind the attacks. Apple did not comment. An email requesting comment to the Chinese consulate in New York was unreturned. Malicious websites were used to secretly hack into iPhones for years, says Google
Archive for August, 2019
Tesla’s Model 3 interior (even the steering wheel) is now 100% leather-free
Tesla said Saturday that its Model 3 interiors are now completely free of leather, fulfilling a promise made by CEO Elon Musk at this year’s annual shareholder meeting. Tesla has been closing in on a leather-free interior for a couple of years now. But a sticking point was the steering wheel, which Musk made mention of at the company’s shareholder meeting in June in response to a request from PETA activist. “I believe we were close to having a non-heated steering wheel, that’s not leather,” Musk said at the time. “There are some challenges when when heat the non-leather material and also how well it wears over time.” Musk said Model Y and Model 3 would be vegan by 2020. He wasn’t sure if the company would be able to meet that same goal for the Model S and X. Model 3 interior is now 100% leather-free pic.twitter.com/2F47zp8A4T — Tesla (@Tesla) August 31, 2019 Activist shareholders made a proposal in 2015 that Tesla no longer use animal-derived leather in the interiors of its electric vehicles by 2019. While stockholders rejected that proposal, Tesla did begin rolling out more “vegan” interior components in its cars. The company began by offering leather-free seats as an option. Two years ago, Tesla made the synthetic material standard in its Model 3, Model X and Model S vehicles.