A U.S. researcher is flagging a security flaw in a smartphone app that is mandatory for all those attending the 2022 Winter Olympics, describing what he found as “nefarious and concerning.” Jonathan Scott, lead mobile security engineer at fintech company cLabs, discovered the flaw recently after reverse-engineering both the iOS and Android versions of the MY2022 app—a tool developed by Beijing to track users’ COVID-19 health status and to provide information about the Games. What Scott also discovered was that the AI algorithm behind the app is developed by iFLYTEK Co., a blacklisted Chinese tech firm known for its ties with Beijing’s human rights abuses in China’s far-western region of Xinjiang. In an interview with EpochTV’s “China Insider” program, Scott explained what the flaw is—the app listens to all audio and when it detects its users saying words deemed sensitive by Beijing, it collects the audio and sends it to …