China installs malware on Android smartphones at Xinjiang border crossing

By admin On Jul 2, 2019

Spread the love

At border posts in the Xinjiang region, Chinese authorities are installing an Android app on travelers’ smartphones that sends text messages and other information into the hands of customs. Several media claim that after research.

A tourist who got the malware installed provided a copy of the app to Motherboard and Süddeutsche Zeitung. An employee of this German newspaper then crossed the border in the Chinese region of Xinjiang himself and also got the app installed. The app was then analysed. The Guardian and NYT also report about it.

The customs authorities in the region temporarily confiscate smartphones of tourists and travelers in order to sideload the app. The app is called Fencai, which is related to bees, and makes no attempt to hide itself. For example, the logo is simply visible in the list of available applications. It therefore seems that it should actually be removed when its job is done.

That work consists of scanning the contents of the device to find a match with one or more of 73,000 hashes present. By comparing these hashes with those of a Virus Total database, among other things, the researchers were able to relate 1,300 of them to files to get an indication of what the Chinese surveillance app is looking for.

It turned out that the app searches for the Rumiyah publication of IS, passages of the Koran, PDFs about the Dalai Lama, the book The Syrian Jihad and a track by the Japanese band Unholy Grave about Taiwan. Some files, according to the researchers, clearly concern extremism and terrorism, but others are harmless in nature. In addition, the app transfers messages such as text messages and data about contacts, the calendar, the location and the call history.

The surveillance was not limited to Android smartphones, according to the German editor who crossed the border. iPhones were also seized and attached to a device via USB, although it is not known what this device did. Motherboard has published a copy of the app on Github.

There have been reports of repression for years in the Xinjiang region, where the majority of the population is Muslim.