A screen showing images of Chinese President Xi Jinping in Xinjiang where a pervasive security apparatus has subdued the ethnic unrest, June 2019. Photo: Greg Baker/AFP/Getty Images

Those websites we reported on last week that target iPhone users with malware appear to have been part of China's long-running effort to monitor its Uighur population.

The big picture: The security vulnerabilities that mobile malware takes advantage of are scarce and expensive, and countries are loath to risk burning their tools by widely exposing them.

  • The only scenario where it makes any economic sense to use such techniques this broadly is one involving a wealthy government trying to mount a vast surveillance effort — as with China's campaign among the Uighurs in Xinjiang.

Why it matters: No one has attempted to spread mobile malware to such a wide group before because no one has tried to surveil an entire ethnic group this way before.

Driving the news: On Thursday, Google announced it had discovered several campaigns using popular websites to indiscriminately inject malware onto iPhones.

  • Subsequent reporting showed that the campaign looked to infect not only iPhones but Android devices and Windows computers as well.
  • The firm Volexity found evidence those sites included Uighur news outlets and other Uighur community sites.

Background: Surveillance of the Uighurs is nothing new. "The Chinese government has long harbored suspicion about the Uighur population’s loyalty to China, confusing ethnic identity with separatism," said Sophie Richardson, China lead for Human Rights Watch.

But in recent years, China has tightened its heavy-fisted rule of Xinjiang province with high-tech techniques.

Biometrics: China uses widespread facial recognition research to detect and track the Uighur minority, and it has roped in Western research institutions to help. Western research institutions and journals have aided in development of facial recognition to distinguish Uighur facial features using artificial intelligence.

  • China tracks Uighurs through other biometrics too, including DNA.

Digital tools: China tracks digital communications from Uighurs and stores information tapped from WiFi-enabled devices. Tourists must install a monitoring app on phones when entering the Xinjiang province that scans for Quran passages and other contraband information, and Reuters reported Thursday that China hacked telecoms to spy on Uighur travelers.

  • All of the information is filtered through a machine learning algorithm-fueled mobile app used to direct police activity.
  • Human Rights Watch reverse-engineered the app and found a wide variety of factors play a role in determining who is treated as a suspicious individual — including whether they use their home's front or back door.

The bottom line: This is not a small undertaking. China's willingness to spend on technology to surveil Uighurs has created a niche, high-growth industry among military contractors.

  • Secretary of State Mike Pompeo recently described the crackdown on Uighurs as the “stain of the century.” And the White House added a Uighur American to the National Security Council to contribute to China policy.

Go deeper

Louisville officer: "Breonna Taylor would be alive" if we had served no-knock warrant

Breonna Taylor memorial in Louisville. Photo: Brandon Bell/Getty Images

Sgt. Jonathan Mattingly, the Louisville officer who led the botched police raid that caused the death of Breonna Taylor, said the No. 1 thing he wishes he had done differently is either served a "no-knock" warrant or given five to 10 seconds before entering the apartment: "Breonna Taylor would be alive, 100 percent."

Driving the news: Mattingly, who spoke to ABC News and Louisville's Courier Journal for his public interview, was shot in the leg in the initial moments of the March 13 raid. Mattingly did not face any charges after Kentucky Attorney General Daniel Cameron said he and another officer were "justified" in returning fire to protect themselves against Taylor's boyfriend.

U.S. vs. Google — the siege begins

Illustration: Sarah Grillo/Axios

The Justice Department fired the starter pistol on what's likely to be a years-long legal siege of Big Tech by the U.S. government when it filed a major antitrust suit Tuesday against Google.

The big picture: Once a generation, it seems, federal regulators decide to take on a dominant tech company. Two decades ago, Microsoft was the target; two decades before that, IBM.

Dion Rabouin, author of Markets
1 hour ago - Economy & Business

Why the stimulus delay isn't a crisis (yet)

Illustration: Aïda Amer/Axios

If the impasse between House Speaker Nancy Pelosi and the White House on a new stimulus deal is supposed to be a crisis, you wouldn't know it from the stock market, where prices continue to rise.

  • That's been in no small part because U.S. economic data has held up remarkably well in recent months thanks to the $2 trillion CARES Act and Americans' unusual ability to save during the crisis.