Do not download Android Apps from third party vendors.
According to a new report from the cloud security firm Lookout Threat Lab, a new surveillance campaign targeting Uyghurs was discovered.
According to the report, which was released on November 10, 2022, this campaign unveils a new Android surveillance tool called BadBazaar.
This tool works by “masquerading” as Android apps including messaging services (such as Telegram), prayer time apps, dictionaries, or translation tools, and installing surveillance functionality on the device to collect information such as who you’re speaking to, contacts, photos, and GPS data.
Report shows that BadBazaar has also started masquerading as Apple Apps. For example, there is an Apple app has an identical name of “Uyghur Lughat” and icon to the BadBazaar variant.
For years, the Chinese government has carried out surveillance operations against Uyghurs residing both inside and outside of China. Although this is not a new phenomenon, the Lookout report highlights the importance of cybersecurity issues to all people of Uyghur ethnic descent. It indicates that technology-enhanced repression of Uyghurs shall be a major transnational concern. For example, the report states that this Chinese-government-backed surveillance campaign sought to target Uyghurs in Muslim-majority countries such as Afghanistan or Turkey.
What to do:
- Always download apps from official app stores. Do not download from social media or from links that are being shared on social media
- Spread the news and raise awareness among Uyghurs and non-Uyghurs
- Alert Uyghurs, particularly those who are living in majority-Muslim countries like Turkey and Afghanistan
- Workplaces, communities that have Uyghur members, and mosques where Uyghurs pray should make alert in this regard
- Governments around the world should keep calling on the Chinese government to cease its acts of transnational repression of the Uyghurs
- Majority-Muslim countries must stop their collaboration with China, aiding and abetting the transnational repression of Uyghur Muslims.
“Beyond Silence: Collaboration Between Arab States and China in the Transnational Repression of Uyghurs”. Uyghur Human Rights Project / Oxus Society. 24 March 2022. https://uhrp.org/report/beyond-silence-collaboration-between-arab-states-and-china-in-thetransnational-repression-of-uyghurs/
China Perpetrating Transnational Repression of Uyghurs on Massive Scale, New Joint Report Reveals. Uyghur Human Rights Project (UHRP) and the Oxus Society for Central Asian Affairs, joint report. June 24, 2021. https://uhrp.org/statement/china-perpetrating-transnationalrepression-of-uyghurs-on-massive-scale-new-joint-report-reveals/
Lookout Discovers Long-running Surveillance Campaigns Targeting Uyghurs, November 10, 2022. Lookout Discovers Long-running Surveillance Campaigns Targeting Uyghurs | Lookout
Promoting Accountability for Transnational Repression Committed by People’s Republic of China (PRC) Officials. Press Statement. Antony J. Blinken, Secretary of State. March 21. 2022. https://www.state.gov/promoting-accountability-for-transnationalrepression-committed-by-peoples-republic-of-china-prc-officials/
Researchers say spyware is connected to a Chinese government-backed hacking group, Johana Bhuiyan in New York, November 10, 2022. Spyware targets Uyghurs by ‘masquerading’ as Android apps – report | Uyghurs | The Guardian