China Is Installing Android Malware on Tourists’ Phones

China has famously invasive security and surveillance operations, but activists report at least one region of the country has gotten even more Orwellian. Multiple news agencies have joined forces to analyze a new piece of malware, which Chinese border agents are forcing tourists to install on their phones. The software copies messages and contacts, and searches phones for thousands of different documents.

Tourists report they’ve encountered this new device search when entering the Xinjiang region, which is home to the Uighur population. Millions of these ethnically Turkic Muslims live in China, almost all of them in Xinjiang. Beijing has been openly hostile toward the Uighur for years, including the use of mass surveillance and detention camps. The new malware, known as BXAQ or Fengcai, seems aimed at tracking Uighur populations and their sympathizers.

Fengcai is a standard Android app, but it has a huge number of sensitive permissions, and it abuses those permissions to the extreme. Border agents have to side-load the app, which means bypassing several layers of protection that prevent users from accidentally installing unverified apps. After installation, the app copies the phone’s messaging history, calendar entries, contacts, and account details to a Chinese server.

After copying data, Fengcai searches the phone’s storage for more than 70,000 documents. Some of those are extremist Islamic material, but just as much of it is innocuous content like the Quran, information about the Dalai Lama, and scholarly books on the Islamic world. It even looks for songs by a Japanese metal band called Unholy Grave, which has a song about Taiwan.

Fengcai is designed to be uninstalled after collecting data — there’s even a large “uninstall” button in the app. It would appear border guards aren’t bothering to make people remove it, though. Motherboard has uploaded a copy of the Android APK to GitHub, but you probably shouldn’t install it. There are no reports of Fengcai being forced on tourists in other regions of China, but it wouldn’t be surprising to see something similar show up.
