A new report by the Citizen Lab reveals the first documented cases of iOS exploits and spyware being used against members of the Tibetan diaspora. Between November 2018 and May 2019, we observed intrusion attempts against individuals from the Private Office of His Holiness the Dalai Lama, the Central Tibetan Administration, the Tibetan Parliament, and Tibetan human rights groups. These high-profile community members received malicious links in individually tailored WhatsApp text exchanges with operators posing as NGO workers, journalists, and other fake personas. The links led to code designed to exploit web browser vulnerabilities to install spyware on iOS and Android devices, and in some cases to OAuth phishing pages.
“These apps, like Facebook, already hold a boatload of permissions to access the phone’s camera, microphone, GPS, SMS messages, contacts, and call logs,” Citizen Lab research fellow Bill Marczak told Forbes, adding that they “have a large attack surface since they run a full browser.”
These findings suggest that platform developers should pay special attention to attacks against civil society: not only are civil society users at heightened risk of negative consequences from digital espionage, but the surveillance tools developed and honed with the unwitting aid of civil society targets put all users at risk.