A fake smartphone app is being used to remotely monitor pro-democracy protesters in Hong Kong, according to a report from the New York Times. Researchers from Lacoon Mobile Security say the phishing scam is spreading across the messaging application WhatsApp, through texts that read: “Check out this Android app designed by Code4HK for the coordination of OCCUPY CENTRAL!”, along with a link to download software. Lacoon says the software, once downloaded, can access a user’s personal data, including phone calls, text messages, and the physical location of their smartphone.

As tens of thousands of protesters in Hong Kong continued to shut down the city’s main arteries on Wednesday in a call for democracy, a quieter struggle was playing out to monitor the demonstrations online. The most recent salvo came to light Tuesday, when Lacoon Mobile Security said that it had tracked the spread of a fake mobile application designed to eavesdrop on protesters’ communications. In what is known as a phishing attack, smartphone users in Hong Kong have been receiving a link on WhatsApp to download the software, along with a note: “Check out this Android app designed by Code4HK for the coordination of OCCUPY CENTRAL!” Code4HK, a community of programmers who have been working to support the democracy movement, had nothing to do with the application, according to Lacoon. Though Michael Shaulov, Lacoon’s chief executive, said it was impossible to be certain about the origin of the fake app, he said signs pointed to the Chinese government. Given the “targets of the operation, where the servers are based and the sophistication of the attack, it doesn’t leave much room to the imagination.”