An advisory from Western nations has indicated that the risk from high-grade mobile phone monitoring software is probably growing. The agencies—U.K. GCHQ, U.S. NSA, Canada CSE, New Zealand GCSB, Australia ASD and Germany BSI—said the software is operated by the Chengdu, China based contractor Sichuan Dianke Network Security Technology Co., Ltd believed to have links to China’s Ministry of Public Security.
Targeted Groups Identified
The advisory mentions that people and entities associated with specific groups are at even greater risk for these types of threats. From Taiwanese independence activists to the Tibetan rights group, the Uyghur Muslims and other minorities in the Xinjiang Uyghur Autonomous Region, the Hong Kong democracy campaigners and the Falun Gong spiritual movement. According to a statement from the UK National Cyber Security Centre (NCSC), journalists, NGOs, and companies associated with either of these groups should exercise increased caution.
Malware Capabilities Detailed
Those two distinct malware packages, which were both used as surveillance tools, were BADBAZAAR and MOONSHINE. These kinds of tools can extract some critical information from mobile phones. They’re also able to enable remote operators to tap into that device’s camera, microphone, and location information, allowing for total surveillance of a user without their knowledge or consent.
Wider Risk of Infection
However, there the NCSC also warned that the delivery mechanism for this type of spyware over the internet is not always as targeting. This kind of targeting is not limited to minorities and can seamlessly be transitioned to one who has no direct relation to the aforementioned.
China Responds to Allegations
Commenting on these warnings, a spokesperson for Chinese Embassy in Washington said China is against smear attacks without any factual basis against China. Tracking cyberattacks is “not a straightforward matter” and the U.S. government hopes the parties involved will “address the matter in a professional and responsible manner on the basis of evidence,” rather than speculation, the spokesperson said.
Building on Prior Reports
Today’s warning restates much of what has been found in prior press accounts from the private sector detailing the contractor’s activities and infrastructure supporting that malware over the past few years. One of its main points relates to a January 2025 report from Intelligence Online, which traced the malware to the Chengdu contractor, and thus to China’s Ministry of Public Security.
Collective Action Persistence Against the Challenge
This delivered a united nature of the advisory suggesting that a shared concern among Western intelligence agencies over these types of cybersecurity threats. Part of the purpose of having the U.S. FBI and NSA and their partners in Australia, Canada, Germany and NZ, LLC carry digital water was for the workings of this spyware which has thus in effect become an international threat to all humankind. The nations participation in the advisory indicates they are taking the issue seriously — a sentiment echoed in comments by the NCSC, but not yet by the FBI, which was asked to comment on the advisory but didn’t yet, and the NSA, which was called but has not yet commented.
