The app does not try to hide itself. Instead, it displays an icon on the device's app select screen, suggesting that it is designed to be removed from the phone after use by the authorities."This is yet another example of why the surveillance regime in Xinjiang is one of the most unlawful, pervasive, and draconian in the world," Edin Omanovic, state surveillance programme lead at Privacy International said."Modern extraction systems take advantage of this to build a detailed but flawed picture into people’s lives. Modern apps, platforms, and devices generate huge amounts of data which people likely aren’t even aware of or believe they’ve deleted, but which can still be found on the device. This is highly alarming in a country where downloading the wrong app or news article could land you in a detention camp," he added.
Do you know any other cases of government malware? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on firstname.lastname@example.org, or email email@example.com.
Motherboard previously covered JingWang, a piece of malware installed on devices in the Xinjiang region of China. Authorities typically installed JingWang on phones belonging to the Muslim Uighur population, and the app also scanned a phone for a similar particular set of files. According to expert analysis, the list of hunted files in BXAQ overlaps somewhat, but not entirely, with those that JingWang searches for, but BXAQ goes further.Chinese authorities did not respond to a request for comment. Neither did Ninjing FiberHome StarrySky Communication Development Company Ltd, the partly state-owned company that developed the app."There is an increasing trend around the world to treat borders as law-free zones where authorities have the right to carry out whatever outrageous form of surveillance they want," Omanovic said. "But they’re not: the whole point of basic rights is that you’re entitled to them wherever you are. Western liberal democracies intent on implementing increasingly similar surveillance regimes at the border should look to what China is doing here and consider if this is really the model of security they want to be pursuing."Subscribe to our new cybersecurity podcast, CYBER.
"This is yet another example of why the surveillance regime in Xinjiang is one of the most unlawful, pervasive, and draconian in the world."