Cyber security firm AlienVault Labs has claimed that malware attacks on Falun Dafa supporters in China, the Philippines, and Vietnam are being initiated by Chinese hackers. The year-long attack has compromised sensitive information from beleaguered supporters of the group. AlienVault claims that the same Chinese hackers who focus on breaching rival military powers are behind the Falun Dafa hacks.
“We have seen similar behavior in attacks against Tibetans,” Jaime Blasco, the head of AlienVault’s security team, said in an interview with TechWeek. “Based on the data I see on a daily basis, the number of attacks against activists has been increasing.”
Falun Dafa (more commonly known as Falun Gong) is a controversial religious movement with roots in China that was founded in 1992. It combines qigong exercises with Buddhist and Taoist underpinnings. Although the group is considered peaceful by many, the Chinese government perceives it as a threatening cult.
“Beijing’s efforts against the Falun Gong, which stem from fears over its substantial growth as an independent-minded group thriving outside of Communist ideology and control, have been remarkable,” said CNN. “The government is alleged to have created an extra-legal police force, called the 6-10 Office, which hunts, arrests, and detains them without trial in ‘re-education-through-labor’ centers, where they are tortured and mistreated and may constitute half of the inmates.”
According to AlienVault, attackers have used a variety of shadowy methods to lash out at Falun Dafa’s faithful. The breaches appear to target email accounts and personal information, with one such attack going as far as pretending to be a fellow Falun Dafa supporter pleading for help. According to TechWeek:
“One of the spear phishing emails … claimed to be [from] fellow members of the movement, asking for help. ‘We are Falun Gong/Dafa (you may hear about it, it is our religion) practicers [sic], persecuted by the Chinese government,’ the email read. ‘Our computers and mail systems are attacked by them everyday. They want to find out who are practicing Dafa, what we are going to do next, and so on.’”
Another attack was the first of its kind, referred to as a “zero-day threat,” AlienVault stated. It was designed to steal Microsoft Outlook login information and email contents. Because it was a new kind of malware, no anti-viruses were able to stop it.
While activists and Falun Dafa practitioners in the Philippines and Vietnam remain outside of the Chinese government’s judicial system, the compromised personal information belonging to Chinese nationals could prove dire.
“There is chilling evidence to suggest that a horrific and prolific business in transplant organs has been sustained by those harvested without consent from Falun Gong and other prisoners, benefiting China’s organ tourism industry,” reported CNN.