Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Chinese Spyware Targets Uyghurs Through Apps: Report

Cybersecurity researchers said they have found evidence of Chinese spyware in Uyghur-language apps that can track the location and harvest the data of Uyghurs living in China and abroad.

Cybersecurity researchers said they have found evidence of Chinese spyware in Uyghur-language apps that can track the location and harvest the data of Uyghurs living in China and abroad.

Uyghurs are a Turkic Muslim minority predominantly in China’s northwestern region of Xinjiang, where a recent UN report said Beijing may have committed crimes against humanity.

The United States and lawmakers in other Western countries say China’s treatment of the Uyghurs amounts to genocide.

A Thursday report by San Francisco-based cybersecurity firm Lookout claims that since 2018, multiple Uyghur-language Android apps have been found to be infected with two strains of spyware linked to Chinese state-backed hacker groups.

They include dictionaries, religious apps, maps and even pirated versions of WhatsApp available on third-party stores or shared on Uyghur-language channels on Telegram.

They were not available on the official Google Play store, which is blocked in China, leading Chinese users to use third-party app stores.

The spyware enabled hackers to collect sensitive data including a user’s location, contacts, call logs, text messages and files, the report said, and could also take photos and record calls.

Researchers said the apps could have been used to detect evidence of religious extremism or separatism, for which Uyghurs have been imprisoned, some for decades, as part of a sweeping anti-terrorism crackdown in Xinjiang which observers say amounts to a mass detention campaign.

Large Uyghur diaspora populations also live in central Asia and Turkey.

“The campaign appears to primarily target Uyghurs in China. However, we found evidence of broader targeting of Muslims and Uyghurs outside of Xinjiang,” the report said. 

“Several of the samples we analyzed masqueraded as mapping apps for other countries with significant Muslim populations, like Turkey or Afghanistan.”

– Surveillance state –

For years, China has engaged in mass monitoring of Uyghurs in Xinjiang, creating a province-wide surveillance platform that vacuums Uyghurs’ personal data from their phones and tracks their movements through facial recognition. 

Several Chinese surveillance and camera firms have been sanctioned by the US for alleged complicity in human rights violations.

Uyghurs living abroad have spoken of attempts at cross-border surveillance and coercion from Chinese police back in Xinjiang. 

Liu Pengyu, a spokesperson at the Chinese Embassy in Washington, told Bloomberg News “we oppose wild guesses and malicious slurs against China”, adding the country opposes “all forms of cyber attacks”.

Samples of the infected apps were dated from 2018 onwards, and the vast majority of apps infected with one strain of spyware were discovered in the second half of this year, the report said.

“Despite growing international pressure, Chinese threat actors operating on behalf of the Chinese state are likely to continue to distribute surveillanceware targeting Uyghur and Muslim mobile device users through Uyghur-language communications platforms,” Lookout researchers wrote.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6...