Uyghur Academy

The Uyghur Academy operates an online presence that is associated with the Uyghur diaspora and its cause. Its website provides information and resources related to Uyghur identity, culture, and community affairs. The organization serves a global audience of Uyghurs and supporters seeking news, educational content, and community engagement. While specific programs or services are not detailed in the source material, the site is described as a legitimate entity whose domain has been mirrored by threat actors. The academy’s digital platform is intended to support communication and information sharing among Uyghur communities abroad. Its role is therefore centered on maintaining a credible source of Uyghur‑related content on the internet.

The Uyghur Academy is headquartered in China, as indicated in the organization’s profile. It has been repeatedly targeted by Chinese APT groups in cyber campaigns dating back to at least 2013. In those incidents, attackers created doppelganger domains that mimicked the academy’s legitimate website to lure visitors. The malicious infrastructure included the Scanbox framework for visitor profiling and Android exploits to compromise mobile devices. Additionally, the campaigns abused Google OAuth to hijack Gmail accounts associated with the academy’s users, exfiltrating emails and contacts. These operations demonstrate that the academy’s online assets have been a focal point for surveillance and data‑theft efforts aimed at the Uyghur diaspora.