On the 90th birthday of the Dalai Lama, something very serious happened online. A group of hackers made fake websites and fake apps that looked real and safe. These apps were made to trick Tibetan people.

Hackers Target Tibetans By using fake Dalai Lama apps

They looked like they were made to celebrate the Dalai Lama or to share Tibetan culture. But in reality, they were not safe at all.

The hackers are believed to be connected to China. They used this special time, when people were excited and emotional about the Dalai Lama’s birthday, to launch two big cyberattacks. Their goal was to spy on people without them knowing.

When people downloaded these fake apps, the apps secretly installed something called spyware. Spyware is a type of bad software that hides in your phone or computer. It can watch what you are doing, take your information, and even listen through your microphone or see through your camera without asking you. The people using these apps had no idea that they were being watched or followed.

Two Fake Apps Were Used in These Attacks

The first attack was called Operation GhostChat. In this attack, the hackers copied a real website of a Tibetan charity. The fake website looked almost exactly like the real one. Many people were sent links about the Dalai Lama’s birthday, and they clicked on them thinking they were going to a real page. When they arrived on the fake site, they were asked to download something that looked like a Tibetan version of a secure chat app.

But the app was not a real chat app. It was carrying a hidden spyware program called Gh0st RAT. Once this program was inside someone’s device, it could secretly do many bad things. It could record everything the person typed, take pictures of the screen, turn on the webcam and microphone, and steal personal files. All of this happened without the person knowing. It allowed the hackers to spy on everything that person was doing.

How Cyber Attacks on Industrial Control Systems Can Endanger Lives ?

The second attack was called Operation PhantomPrayers. In this case, the hackers made a fake app called Global Birthday Check-in. This app had a special map where people could send their birthday wishes to the Dalai Lama. It looked friendly and joyful, so many people used it. But while they were using the app, it secretly installed another spyware called PhantomNet in the background.

This spyware allowed the hackers to steal more information, follow people’s online activity, and even install more dangerous software on their phones or computers. Again, the users had no idea that this was happening.

Both of these fake apps looked kind and safe on the outside. But on the inside, they were made to steal information and watch people without their permission.

Experts Say the Hackers Were Backed by China

Cybersecurity experts studied these attacks very closely. Two groups called Zscaler ThreatLabz and TibCERT found out that the spyware used in the attacks was not new. The same tools had been used before by hackers linked to the Chinese government. This made it clear that the attack was not just done by random people. It was done by trained hackers who had strong support and resources.

The spyware called Gh0st RAT and PhantomNet had been used before in spying cases. In fact, these tools are very powerful. With them, someone can gain full control of a device. For example, they can take information without permission.

Cyberattack Catastrophe: How Hackers Can Endanger Human Lives ?

Even worse, they can watch people in real time using their webcams and microphones. Because of these abilities, such tools are often used in large spying missions and not by regular criminals.

The experts believe that this was a planned attack. It was not a mistake or a small trick. It was done carefully during a very important time for the Tibetan community. By using fake apps that looked like they supported the Dalai Lama, the hackers were able to trick many people. They used kindness and culture as a disguise to hide their real goal, which was spying.

This attack shows how dangerous fake websites and apps can be. Even when something looks friendly or fun, it can hide something harmful inside. People should be very careful when downloading anything online, especially during big events or celebrations.