Exposed! China installs spyware on visitors’ Android, downloads data from iPhones

Deccan Chronicle.

Technology, Mobiles and Tabs

A report claims that foreigners visiting certain areas of China have their smartphones tampered with.

On iOS, since the protection is a bit better, they don’t acquire the same liberties so they take a different approach.

People visiting China should proceed with caution. A new report from Vice has revealed that foreigners who are visiting certain parts of China are seeing their smartphones searched at the border. On Android handsets, authorities in certain parts of China are installing spyware that gains access to a user’s calendar, phone logs, contacts, and even text messages. They even go so far to gain access to users’ apps that contain usernames.

On iOS, since the protection is a bit better, they don’t acquire the same liberties so they take a different approach. On iPhones, border officials use certain tools to download data. Vice states, “The Süddeutsche Zeitung reporter said they saw machines that appeared to be for searching iPhones at the border.” They make use of equipment something similar to Cellbrite’s Universal Forensic Extraction Device (UFED) that allow most data to be downloaded from iPhones.

This surveillance is intrusive and applies to tourists visiting the Xinjiang region.

Vice states, “Foreigners crossing certain Chinese borders into the Xinjiang region, where authorities are conducting a massive campaign of surveillance and oppression against the local Muslim population, are being forced to install a piece of malware on their phones that gives all of their text messages as well as other pieces of data to the authorities, a collaboration by Motherboard, Süddeutsche Zeitung, the Guardian, the New York Times, and the German public broadcaster NDR has found […]

The Android malware, which is installed by a border guard when they physically seize the phone, also scans the tourist or traveller’s device for a specific set of files, according to multiple expert analyses of the software. The files authorities are looking for include Islamic extremist content, but also innocuous Islamic material, academic books on Islam by leading researchers, and even music from a Japanese metal band […]

Once installed on an Android phone, by “side-loading” its installation and requesting certain permissions rather than downloading it from the Google Play Store, BXAQ collects all of the phone’s calendar entries, phone contacts, call logs, and text messages and uploads them to a server, according to expert analysis. The malware also scans the phone to see which apps are installed, and extracts the subject’s usernames for some installed apps.”

The procedure of searching smartphones is becoming increasingly common for border officials across the globe; however, installing spyware is a whole new low.

Read more...