A new report by Lookout Threat Intelligence has revealed that China has been using malware tools to keep track of Uyghur people. This surveillance activity was observed as far back as 2013. Four Android tools are used in the trojan apps hacking campaign — SilkBean, CarbonSteal, DoubleAgent, and GoldenEagle.
Crushing the Uyghurs
The main purpose of the malware is to collect personal data from the infected devices. The malware that are mentioned in the report are trojanized legitimate apps, meaning that they are maintaining the external appearance of a useful app while secretly carrying out surveillance operations. For instance, some such trojanized apps include “Tawarim” (Uyghur e-commerce site), “Sarkuy” (Uyghur music service), and “Tibbiy Jawahar” (Uyghur pharmaceutical app).
The SilkBean malware trojanized apps focus on Uyghur keyboards, plugins, and alphabets. The DoubleAgent malware initially targeted Tibetan ethnic people, but it slowly shifted its focus to the Uyghurs. CarbonSteal has the ability to gain control over devices through special text messages. GoldenEagle not only targeted Uyghurs and Tibetans in China, but also individuals from other nations as well.
“Wherever China’s Uighurs are going, however far they go, whether it was Turkey, Indonesia, or Syria, the malware followed them there… It was like watching a predator stalk its prey throughout the world,” Apurva Kumar, a threat intelligence engineer at Lookout who helped unravel the campaign, said to The New York Times. In total, 14 different countries are estimated to have come under such intrusive Chinese surveillance, 12 of which belong to Beijing’s “26 sensitive countries” list.
Once the infected trojan apps are downloaded on a device, the hackers gain a real-time view of every activity on the phone. In some situations, the hackers only need to send the user an invisible text message in order to obtain data on that specific phone. The malware would simply send the data through text messages and soon delete all traces of such messages. As such, the user never notices that his data is being stolen. In order to avoid further suspicions, the hackers are also able to kill their spyware on command, especially in situations where the app looks as if it is consuming too much battery life.
The surveillance exposé comes as another report warns that Beijing is forcefully sterilizing Uyghur women in order to reduce the population of the community. It is estimated that birthrates in regions like Kashgar and Hotan, where Uyghur communities are prevalent, fell by over 60 percent between 2015 and 2018. Last year, the birthrates of Xinjiang Province fell by 24 percent. Such a drastic reduction only points to how severely the Chinese Communist Party (CCP) is genetically exterminating Uyghurs.
Acting against abusers
The U.S. recently placed sanctions on Chinese officials, including a prominent member of the Politburo, for their role in the country’s human rights abuses against the Uyghur community. The sanctions have been imposed under the Global Magnitsky Act, which enables the American government to freeze assets as well as implement travel bans on human rights violators.
Some of the people who are affected by the sanctions include the Xinjiang region’s Communist Party Secretary Chen Quanguo, Director and Communist Party secretary of the Xinjiang Public Security Bureau Wang Mingshan, and a few former high-ranking officials. According to the U.S. Treasury Department, Chen is to date the highest-ranking member from the CCP who has been slapped with America’s sanctions.