Researchers at Canada’s Citizen Lab have spotted a phishing campaign and supply chain attack directed at Uyghur people living outside China, and suggest it’s an example of Beijing’s attempts to target the ethnic minority group.

Many Uyghur people, a Muslim ethnic majority, live in China’s Xinjiang province and according to the United Nations are subjected to “serious human rights violations” including arbitrary detention, may be forced not to use their own language, and are subject to discriminatory government policies that create “interlocking patterns of severe and undue restrictions on a wide range of human rights.

Some Uyghur people have moved abroad, and formed a group called the World Uyghur Congress (WUC) to lobby for their people’s rights. According to Citizen Lab, “several senior members” of the Congress living outside China were sent emails that “impersonated a trusted contact at a partner organization and contained Google Drive links that, if clicked, would download a password-protected RAR archive.”

That archive contained a Windows version of an open source Uyghur text editor called UyghurEditPP. Citizen Lab thinks members of the WUC know the application’s developer, who has also worked on optical character recognition software for Uyghur script and speech recognition software for the Uyghur language. That prior relationship means recipients would likely trust the sender.