We are tracking a campaign targeting human rights activists working on Hong Kong and Xinjiang. The tactics are low technology but very persistent and has continued for at least 12 months across a number of countries. 1
#cybersecurity #HK #Xinjiang
Most of the targets have been activists. Some attacks include the creation of fake email addresses and impersonation. Other tactics include standard Business Email Compromise attacks. The attackers operate primarily out of China. 2
Some of the recipients of these fake emails are highly vocal pro-China actors, with a history of persistent targeting of activists. They have been receiving emails appearing to be from activists but are being sent by the threat actor in an attempt to discredit them. 3
The fact that the threat actor had the email addresses of a large number of the pro-PRC actors compiled for this campaign is a telling indicator of the community they may have emerged from. 4
The attacks also coincide with significant bot targeting of activist social media campaigns. This includes tagging in thousands of posts by twitter bots, essentially DDoSing activists from being able to track social media. 5
You can follow @rpotter_9.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.