Western intelligence agencies have issued a stark warning about the growing threat of Chinese spyware targeting individuals and groups seen as critical of Beijing. The latest advisory flags a significant uptick in malicious mobile apps deployed to surveil Taiwanese independence supporters, Tibetan rights activists, Uyghur Muslims, and other communities and organizations.
The alert, issued jointly by the cybersecurity agencies of the U.S., U.K., Canada, Australia, New Zealand, and Germany, outlines how China’s security services are allegedly using mobile surveillance tools to track and monitor critics abroad. At the center of this operation is Sichuan Dianke Network Security Technology Co., Ltd., a Chengdu-based firm reportedly tied to China’s Ministry of Public Security.
According to the advisory, the company has been linked to two major spyware strains—BADBAZAAR and MOONSHINE. These malware programs are designed to secretly extract sensitive data from mobile phones. They can access users’ cameras, microphones, and real-time location data, effectively turning mobile devices into surveillance tools.
The British National Cyber Security Centre (NCSC) warned that the threat isn’t limited to political activists. Journalists, NGOs, businesses, and anyone representing or advocating for marginalized communities such as the Uyghurs, Tibetans, and Hong Kong democracy supporters are all potentially at risk. Even followers of Falun Gong, a spiritual movement banned in China, were listed as likely targets.
What makes this spyware even more dangerous is its wide-reaching distribution. “The indiscriminate way this spyware is spread online also means there is a risk that infections could spread beyond intended victims,” the NCSC stated.
This international warning follows recent developments that have heightened geopolitical tensions. On April 1, China conducted military drills around Taiwan, while on March 28, U.S. Defense Secretary Pete Hegseth visited the Philippines and reaffirmed America’s commitment to counter Chinese aggression in the Indo-Pacific region.
The joint report builds on earlier cybersecurity investigations, including a January 29 article from Intelligence Online. That report detailed how Sichuan Dianke had long been supplying surveillance software and services to Chinese state authorities.
Despite mounting evidence and international scrutiny, China’s Washington embassy has dismissed the claims as baseless. Embassy spokesperson Liu Pengyu told Reuters that China “firmly opposes the smear attacks against China without any factual basis,” adding that cyberattack attribution is complex and should not rely on “unfounded speculation and accusations.”
The FBI, NSA, and their intelligence counterparts in Australia, Canada, Germany, and New Zealand all contributed to the findings. While the FBI declined to comment, the NSA has not responded to media inquiries.
As governments and cybersecurity firms work to uncover more of these covert operations, the latest advisory serves as a critical reminder: digital surveillance threats aren’t just a concern for governments—they’re an everyday risk for activists, journalists, and vulnerable communities worldwide.
