China Is Installing Android Malware on Tourists’ Phones

China Is Installing Android Malware on Tourists’ Phones

China has famously invasive security and surveillance operations, but activists report at least one region of the country has gotten even more Orwellian. Multiple news agencies have joined forces to analyze a new piece of malware, which Chinese border agents are forcing tourists to install on their phones. The software copies messaging, contacts, and searches phones for thousands of different documents.

Tourists report they’ve encountered this new device search when entering the Xinjiang region, which is home to the Uighur population. Millions of these ethnically Turkic Muslims live in China, almost all of them in Xinjiang. Beijing has been openly hostile toward the Uighur for years, including the use of mass surveillance and detention camps. The new malware, known as BXAQ or Fengcai, seems aimed at tracking Uighur populations and their sympathizers.

Fengcai is a standard Android app, but it has a huge number of sensitive permissions (see below), and it abuses those permissions to the extreme. Border agents have to side-load the app, which means bypassing several layers of protection that prevent users from accidentally installing unverified apps. After installation, the app copies the phone’s messaging history, calendar entries, contacts, and account details to a Chinese server.

China Is Installing Android Malware on Tourists’ Phones

After copying data, Fengcai searches the phone’s storage for more than 70,000 documents. Some of those are extremist Islamic material, but just as much of it is innocuous content like the Quran, information about the Dalai Lama, and scholarly books on the Islamic world. It even looks for songs by a Japanese metal band called Unholy Grave, which has a song about Taiwan.

Fengcai is designed to be uninstalled after collecting data — there’s even a large “uninstall” button in the app. It would appear border guards aren’t bothering to make people remove it, though. Motherboard has uploaded a copy of the Android APK to GitHub, but you probably shouldn’t install it. There are no reports of Fengcai being forced on tourists in other regions of China, but it wouldn’t be surprising to see something similar show up.

Continue reading

Third-Party Repair Shops May Be Blocked From Servicing iPhone 12 Camera
Third-Party Repair Shops May Be Blocked From Servicing iPhone 12 Camera

According to a recent iFixit report, Apple's hostility to the right of repair has hit new heights with the iPhone 12 and iPhone 12 Pro.

Oppo Shows Off Concept Phone With Stretchable OLED Screen
Oppo Shows Off Concept Phone With Stretchable OLED Screen

Oppo has revealed a concept phone with a "continuously variable OLED display" that changes size in your hand to move between tablet and phone-like form factors.

Nvidia, Google to Support Cloud Gaming on iPhone Via Web Apps
Nvidia, Google to Support Cloud Gaming on iPhone Via Web Apps

Both Nvidia and Google have announced iOS support for their respective cloud gaming platforms via progressive web applications. Apple can't block that.

Qualcomm’s New Snapdragon 888 Will Power Flagship Android Phones in 2021
Qualcomm’s New Snapdragon 888 Will Power Flagship Android Phones in 2021

The 888 comes with a new CPU design, integrated 5G, and a massive GPU boost. It's shaping up to be the most significant update to Qualcomm's flagship system-on-a-chip (SoC) in years.