> The exploit itself is 22,963 bytes of code and if successful will ultimately result in the forced download of a file name loader to the /data/data/com.android.browser directory of the victim device
How can a website force download a file to a device? Seems like a browser vulnerability
Volexity has identified similarities to but has not yet verified that the exploit being employed in this attack is the Chrome Turbofan remote code execution vulnerability that was reported via the SecuriTeam Secure Disclosure program and is covered in an advisory here: https://ssd-disclosure.com/archives/3379/ssd-advisory-chrome...
> The exploit itself is 22,963 bytes of code and if successful will ultimately result in the forced download of a file name loader to the /data/data/com.android.browser directory of the victim device
The way you quoted is unreadable on mobile, and difficult to read on desktop (scrolling). It is meant for max 80 chars blocks of programming text.
True, but just a quick heads up: HN changed the formatting options. The right angle bracket doesn't italicize quotes like it used to and isn't mentioned in the formatting help guide now. Many new HN posters aren't familiar with the old formatting style.
I am gonna have to call BS on this report. Everyone knows that Google, including Gmail, is blocked in China, so why would they try to get a hold of their Google OAuth? Additionally, I just went onto one of the mentioned websites at random, turkistantimes.com, and guess what, the site is hosted in America, in Houston!
So either Xinjiang province is not behind the Great Firewall, or Xinjiang has far greater internet freedom than the rest of China, so which one is which? You can't really have both in this case.
Specialized VPNs (SS/SSR) are a common way to work around the GFW to get worldwide internet access.
If you're targeting activists inside of China you have to expect they'll use those VPNs. You also expect them to specifically choose non-Chinese mail/communication mediums in order to not be identified by the PRC.
This report is newsworthy because it says that making these choices might not protect you anymore.
The oppressed minorities in China have to use VPNs, and China has shown repeatedly that they do not limit cyber attacks to their own territories. In Sweden a very small, local newspaper argued that Taiwan should be recognized as a proper country in the WHO. China made a formal request to the Swedish Ministry of Foreign Affairs that the journalist and publisher should be condemned (I work for the publisher), and that the ministry should publish a "correction" in said newspaper. We refused and the ministry also refused. The newspaper's site has been DDoSed sporadically for months now after that and this attack shows no signs of stopping. I believe in coincidences, but I don't believe this is a coincidence.
> However, as the sites listed in this post are actually blocked in China, it can be seen that the Uyghur diaspora around the world are also primary targets of these digital surveillance operations. These operations can be used to track the movements of Uyghurs outside of China and spy on those they are communicating with.
"However, each of the compromised websites are banned by the great firewall in China, leaving largely only those outside of the country as targets and potential victims."
China is targeting Uighurs that have moved out of China: the "Uighur diaspora".
When you smell bullshit, always double check your assumptions; sometimes the smell is coming from nearer than you might think!