UK: China using spyware to target Uyghurs, Tibetans

London

The UK’s National Cyber Security Centre (NCSC) has warned that Chinese hackers are using two spyware tools — MOONSHINE and BADBAZAAR — to secretly monitor Uyghur, Tibetan, and Taiwanese individuals and civil society groups globally.

According to a Central Tibet Administration (CTA) report, these spyware tools access device microphones, cameras, messages, photos, and location data, enabling real-time surveillance without users knowing. The apps mimic platforms like WhatsApp and Skype or pose as standalone apps aimed at ethnic minorities and activists.

Two apps cited are Tibet One (now removed from Apple’s App Store) and Audio Quran, which targeted Tibetans and Uyghur Muslims respectively. The Tibet One app, promoted on Telegram and Reddit, was embedded with BADBAZAAR spyware. Audio Quran used MOONSHINE spyware to deceive Uyghurs by posing as a religious resource.

The NCSC said the spyware targets groups perceived by China as threats — including Taiwanese independence activists, Tibetan rights organizations, Uyghur Muslims, democracy supporters, and Falun Gong members.

China’s government has long faced criticism for its policies in Xinjiang, where over a million Uyghurs have reportedly been held in “reeducation” camps. Meanwhile, Taiwan remains under threat as Beijing pushes unification, potentially through military force.

Cyber experts stress that these threats are global. Community members outside China are just as likely to be targeted. The UK and international agencies are urging tech platforms and users to stay alert, particularly those in high-risk communities.

This warning underscores growing concerns over China’s use of technology for global surveillance.