China’s Software Stalked Uighurs Earlier and More Widely, Researchers Learn
July 01, 2020Before the Chinese police hung high-powered surveillance cameras and locked up ethnic minorities by the hundreds of thousands in China’s western region of Xinjiang, China’s hackers went to work building malware, researchers say.
The Chinese hacking campaign, which researchers at Lookout — the San Francisco mobile security firm — said . . . had begun in earnest as far back as 2013 and continues to this day, was part of a broad but often invisible effort to pull in data from the devices that know people best: their smartphones.
Lookout found links between eight types of malicious software — some previously known, others not — that show how groups connected to China’s government hacked into Android phones used by Xinjiang’s largely Muslim Uighur population on a scale far larger than had been realized.
The tools the hackers assembled hid in special keyboards used by Uighurs and disguised themselves as commonly used apps in third-party websites. Some could remotely turn on a phone’s microphone, record calls or export photos, phone locations and conversations on chat apps. Others were embedded in apps that hosted Uighur-language news, Uighur-targeted beauty tips, religious texts like the Quran and details of the latest Muslim cleric arrests.