Since her personal phone number was posted online, Hong Kong pro-democracy activist Carol Ng has received menacing calls from strangers and been bombarded with messages calling her a “cockroach”.
She is not alone.
A sophisticated and shady website called HK Leaks has ramped up its “doxxing” — where people’s personal details are published online — of Hong Kong political activists, targeting those it says have broken a sweeping new national security law.
Promoted by groups linked to the Chinese Communist Party and hosted on Russia-based servers, HK Leaks has become the most prominent doxxing site targeting democracy activists since it first emerged in 2019.
The website continues to operate despite requests last year from Hong Kong’s Privacy Commissioner to remove all personal profiles, and it has been referred to the Hong Kong Police for investigation.
Home addresses, social media profiles and telephone numbers feature alongside descriptions of individuals’ alleged “crimes”.
The website published information on at least 14 people it claims broke the security law — a charge which carries a maximum sentence of life in prison — within weeks of the legislation being imposed by Beijing on the city, an AFP investigation found.
“When it first happened I was very stressed,” Ng, chairwoman of the Hong Kong Confederation of Trade Unions, told AFP.
“I received some phone calls and messages from ‘blue ribbon’ people on Facebook,” she said, referring to government supporters who adopted the colour because it is associated with the police.
“Every now and then, I receive a mass of WhatsApp messages, thousands of stickers. They call us cockroaches.”
“They know they will make people very scared. But I’m not afraid, because this is my freedom and I will defend my freedom,” Ng added.
– ‘Bulletproof hosting’ –
HK Leaks has so far posted the personal details of more than 2,000 people it deems guilty of various “misdeeds” — a tenfold increase in a year.
Registered on a Russian server, it is specifically designed to evade prosecution, experts say. It uses so-called bulletproof anonymous hosting — also favoured by controversial white supremacist-linked sites such as 8kun — and regularly shifts domains.
Online traffic has increased to about 230,000 annual unique page views, according to SiteWorthTraffic.
In an update since last year, the site now features a pop-up window saying “rioters have ruined the rule of law and order of society in Hong Kong”, and claims more than 2,000 police and pro-China individuals have themselves been doxxed by activists.
Prominent pro-democracy leaders Joshua Wong and Agnes Chow, co-founders of the disbanded Demosisto party, are on the site under a subsection named “Hong Kong independence rioter”, while media mogul Jimmy Lai is also listed.
Also among the 14 alleged national security law offenders to have been doxxed are well-known activists Tony Chung, Nathan Law and Ray Wong.
Chung in July became the first political figure to be arrested under the law over allegations he had promoted Hong Kong independence through Studentlocalism, a group he co-founded in 2016.
Law, former chairman of Demosisto, fled to Britain after the national security law was passed.
Later that month, Chinese state media reported Law and Wong were among six people wanted by the Hong Kong Police on charges of “inciting session and colluding with foreign and external forces”.
Ray Wong, who was granted political refugee status in Germany in May 2018, told AFP he suspects he has been targeted as part of a harassment campaign by Hong Kong and mainland Chinese authorities.
“I am not surprised at all,” he said. “The Hong Kong government said they would try to arrest me by any means.”
Online archives suggest HK Leaks migrated to its latest Pakistani domain address in November 2019.
The site moved its domain multiple times last year, apparently in an attempt to avoid detection, analysis by AFP has found.
To date, however, no one has been charged over the doxxing campaign.
Related: Facebook, Others, Block Govt Requests on Hong Kong User Data
Related: Chinese Threat Actor Uses New MgBot Variant in Attacks on India, Hong Kong
Related: Chinese Hackers Target Hong Kong Universities With New Backdoor Variant
Related: Spyware Delivered to iPhone Users in Hong Kong Via iOS Exploits