An iPhone hack that China turned against Uyghurs

US officials reportedly say that an attack targeting Apple devices was developed at China’s top hacking competition and was then used to spy on the country’s Muslim minority.

A highly successful iPhone hack was secretly used by Beijing to spy on Uyghurs in the country

After the attack was tracked by the United States, Apple was informed of the incident

Experts believe that the Tianfu Cup will be an opportunity for China to get zero-days in the future

A group of hackers from China arrived in Vancouver, Canada, in March 2017 with one goal in mind: finding the weak spots hidden inside the world’s most popular technologies.

Google’s Chrome browser, Microsoft’s Windows operating system, and Apple’s iPhone were all among the targets. Nobody was breaking the law. These were just some of the participants in Pwn2Own, one of the most prestigious hacker competitions in the world.

That year’s Pwn2Own, the contest’s tenth anniversary, saw elite hackers from around the world compete for big cash prizes by exploiting previously unknown software vulnerabilities, known as zero-days. Whenever a flaw is demonstrated, its details are handed to the affected companies so they can fix it as quickly as possible, while the hacker walks away with the money and eternal bragging rights.

It is no secret that Chinese hackers dominated events like Pwn2Own for years, winning millions of dollars in prizes and establishing themselves as among the elite hackers in the world. All of that changed in 2017, however.

Zhou Hongyi, the billionaire founder and CEO of Qihoo 360, the Chinese cybersecurity giant rated one of the world’s most important technology firms, publicly criticized Chinese citizens who travel overseas to participate in hacking competitions. In an interview with the Chinese news site Sina, he called performing well at such events “imaginary” success. Once Chinese hackers demonstrate vulnerabilities at overseas competitions, Zhou warned, those vulnerabilities can no longer be used. According to him, hackers and their knowledge should remain in China so that the true importance of the vulnerabilities, their “strategic value,” can be recognized.

The Chinese government agreed. Within a short time it banned cybersecurity researchers from participating in overseas hacking competitions, and a few months later a new contest popped up inside China to replace the international ones. It was called the Tianfu Cup, and it offered prizes totaling more than a million dollars.

The inaugural event was held in November 2018. The top prize of $200,000 went to Qixun Zhao, a researcher from Qihoo 360, who demonstrated a remarkable chain of exploits that let him easily and reliably take control of even the latest iPhones. The chain began with a weakness he found in the Safari web browser and continued into the kernel, the core of the iPhone’s operating system. The outcome? Any iPhone that visited a web page carrying Qixun’s malicious code could be taken over remotely by the attacker who controlled that page. A hack of this kind can be resold for millions of dollars on the open market, giving criminals or governments access to massive amounts of data. Qixun named his piece of art “Chaos.”

In January 2019, Apple issued a software update that fixed the flaw discovered two months earlier. There was little fanfare, just a brief thank-you to those who had found it.

In August of that year, Google published a report on a hacking campaign that it said was “exploiting iPhones en masse.” Its researchers examined five distinct exploit chains they had discovered in the wild. One of them was the exploit that had won Qixun the top prize at Tianfu, which Google attributed to an unknown “attacker.”

Google’s researchers noted the similarities between the attacks they caught in the wild and Chaos. Despite their deep dive, however, the authors of the report did not identify the victims or the attackers: the Uyghur Muslim community and the Chinese government, respectively.

Campaign of oppression

Uyghurs and other minorities in Xinjiang have been subjected to human rights abuses for seven years, including detention camps, mandatory sterilization, torture, rape, forced labor, and a massive surveillance program. Beijing says its actions are intended to fight “terrorism and extremism,” but other countries, including the United States, have called them genocide. High-tech oppression, including targeted hacking campaigns, dominates Uyghur lives.

Beijing’s hacking of Uyghurs is so aggressive that it is effectively global. It targets journalists, dissidents, and anyone whose loyalty it suspects.

Media reports connected the dots shortly after Google’s researchers disclosed the attacks: the Uyghur people were the targets, and the hackers were Chinese government operatives. In a rare blog post, Apple confirmed that the attack began almost immediately after Qixun won the Tianfu Cup and ended two months later.

MIT Technology Review has learned that a US government surveillance agency detected the Chaos exploit being used against Uyghurs and informed Apple. Google and Apple declined to comment.

US officials concluded that the Tianfu Cup exploit was quickly handed over to Chinese intelligence, which used it to spy on Uyghurs. In the Americans’ assessment, China essentially followed the “strategic value” plan laid out by Qihoo’s Zhou Hongyi.

The US collected details of the hack used against Uyghurs and matched them to Tianfu’s Chaos exploit, MIT Technology Review reports. Like Google’s in-depth examination, the US analysis found structural similarities between the exploits. The US quietly notified Apple, which had already been tracking the Tianfu hack on its own and concluded that the two were the same. A fix was prioritized.

Several inquiries to Qihoo 360 and the Tianfu Cup went unanswered. Reached through Twitter, Qixun Zhao strongly denied involvement, though he said he could not remember who came to possess the exploit code. He initially suggested that the exploit may have been used “after the patch release,” but in reality it was used before the January 2019 patch. He also suggested that his “Chaos” exploit shared code with other hackers. Whatever the similarities between these exploits, Apple and US intelligence have concluded that they are the same. Although Qixun wrote the exploit, there is no indication that he was personally involved in its subsequent handling. (Chinese law requires citizens and organizations to assist the country’s intelligence agencies when requested.)

The vulnerabilities had been closed by Tianfu.

According to Adam Segal of the Council on Foreign Relations, China’s decision to keep discovered vulnerabilities inside the country was the original motivation for its opposition to hackers competing abroad. The policy also cuts top Chinese hackers off from other sources of income, pushing them to work closely with the government.

It’s a grim incident. An elite Chinese hacker won public acclaim and a large sum of money for hacking an iPhone. Chinese intelligence then exploited the flaw virtually overnight, before Apple could fix it. The act was brazen: carried out in broad daylight, in the knowledge that there would be no consequences.
