Connect with us

Hi, what are you looking for?

Cyber Security

Secure communication: Beleaguered Hong Kong dissidents seek refuge on ‘digital underground’

Pro-democracy activists in Hong Kong have “turned to the digital underground” as authorities wield sweeping new surveillance powers, a new report reveals.

Dissidents in the Chinese Special Administrative Region (SAR) are increasingly “using dark web forums and encrypted messaging apps to circumvent digital surveillance by authorities” empowered by a controversial new national security law, according to research by threat intel firm IntSights.

Passed in June 2020, the legislation grants law enforcement agencies powers to conduct warrantless searches and covert surveillance, seize travel documents, and compel online service providers to cooperate with requests to remove content.

The law was used in January to detain more than 50 pro-democracy activists and politicians, and reportedly block access to an anti-government website on the grounds that it violated separate, anti-doxxing legislation.

In a multi-pronged effort to quell dissent, the Chinese government is also linked to various malware and disinformation campaigns designed to demoralize activists and disrupt their activities.

For instance, when a UK-based dark web user claimed in November 2020 that at least 13 overseas websites had been blocked in Hong Kong, a pro-China counter-post blamed the incident on defective servers, reports IntSights.

Last year, moreover, Twitter removed more than 170,000 accounts that were said to be part of a “manipulative and coordinated” campaign to spread disinformation about pro-democracy protests that have convulsed the SAR for the past two years.

Malware and APTs

APT threat groups believed to be backed by the Chinese government have targeted Hong Kong citizens, universities, and news media deemed a threat to “unity” with malware campaigns since 2014.

One iOS-optimized malware strain that emerged in 2020, LightSpy, allows an attacker to remotely exfiltrate infected devices’ call history, geolocations, and contact lists.

An Android version, called dmsSpy, was “distributed through Instagram and Telegram with content designed to get victims to download an app dedicated to the Hong Kong Democracy and Freedom Movement”, says the report.

Another, malicious archive campaign, leveraged MGbot malware linked to APT group ‘Evasive Panda’ and embedded a message from UK Prime Minister Boris Johnson inviting Hong Kongers to emigrate to Britain.

Going dark

Growing numbers of beleaguered activists are paying fees to use dark web services in order “to safely communicate with each other, discuss politics, share information, and inquire about newer and more secure apps through various channels available on the dark web”.

Despite exercising such apparent caution, many pro-democracy netizens are nevertheless taking great risks in using generally pro-China, Chinese-language dark web forums to criticize the government and police.

Moreover, the ubiquity of nefarious activities on the darknet – such as the sale of stolen data, credit card skimmers, and recreational drugs – threatens to “lure” politically motivated “users into illicit cybercriminal activity”.

Un-crackable iPhones

Activists are using myriad messaging apps and communication tools to evade surveillance.

Advertisement. Scroll to continue reading.

These include end-to-end encrypted services Telegram, which claimed it was hit by a DDoS attack originating from China in 2019, and Signal, whose popularity has surged, according to IntSights researchers, in response to controversial changes to WhatsApp’s privacy policy.

Dissidents have also used Apple’s Bluetooth-powered Airdrop feature to communicate with allies and organize rallies – and the latest iPhones appear to be generally the safest bet for dissidents.

Speaking on the condition of anonymity, a Hong Kong police officer is quoted by IntSights researchers as stating that law enforcement were “unable to crack newer Apple iPhone models locally” despite finding “ways to compromise Android” devices and access Google Drive files.

Bluetooth app Bridgefy, meanwhile, is helping activists communicate offline courtesy of its innovative use of mesh networks.

However, Professor Alan Woodward, a computer security expert at Surrey University, has pointed out that that authorities could still intercept communications.

“With any peer-to-peer network, if you have the know-how, you can sit at central points of it and monitor which device is talking to which device and this metadata can tell you who is involved in chats,” he told the BBC in 2019.

Videoconferencing platforms such as Zoom have also become a more useful eavesdropping medium for government agencies since university seminars migrated online due to the Covid-19 pandemic.

IntSights expects there to be no let-up in the Chinese Communist Party’s efforts to “minimize the reach and impact” of dissidents’ messages, and anticipates “a rise in VPN usage and end-to-end encryption applications, such as Signal, Telegram, and ProtonMail, and related services”.

It adds: “While there was no evidence of hacktivist activities by Hong Kongers, we cannot rule out that this is happening on a small scale.”

Source: https://portswigger.net/daily-swig/secure-communication-beleaguered-hong-kong-dissidents-seek-refuge-on-digital-underground

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

It has recently come to light that the individuals responsible for the development and distribution of the infamous Raccoon Stealer malware have returned to...

Cyber Security

Google has announced the first open-source quantum resilient FIDO2 security key implementation, which uses a unique ECC/Dilithium hybrid signature schema co-created with ETH Zurich....

Cyber Security

An alarming number of 120,000 computers have been infiltrated by stealer malware, and the credentials obtained from these infected devices are linked to cybercrime...

Cyber Security

Security researchers have dissected a recently emerged ransomware strain named ‘Big Head’ that may be spreading through malvertising that promotes fake Windows updates and Microsoft Word...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO