• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Spyware Installed on China Visitors’ Phones

July 8, 2019 By Trevor Collins

A Chinese passport

When traveling into China through the northwest border, border patrol may install a new spyware app called Fengcai or BXAQ on your phone. Some users have reported that the app was installed on their phone when stopped by police as well. Like the MFsocket app that Chinese police install on your cellphone in Beijing and Shanghai, this app appears to pull data from your phone and search for flagged files.

The app gathers private information from the phone including contacts, SMS messages, call logs, calendars and more according the research done by Cure53. Once gathered it tries to match your data to one of 73,000 items that’s listed. We suspect that if the app finds something then your data gets sent to their server, but it could be sending data from the phone to their server no matter what it finds. The app doesn’t appear to keep your data safe as well. Researchers found this app likely passes data in an unencrypted ZIP file over HTTP not HTTPS, leaving it open to man-in-the-middle attacks.

While I understand why China does this on its borders, they certainly have gone too far by requiring spyware apps to be installed when living inside some areas of China. In any case, having an app that indiscriminately saves data and sends it over unsecured connections makes me quite uneasy about having it installed. In addition, we don’t really know the full extent of what the app can do and given the reputation from previous apps that police force you to install, I might not bring my personal phone if traveling through China. As with MFSocket, we recommend leaving your personal cellphone at home when traveling through this part of China.

This article from China Digital Times contains more details on China’s trend of forcibly install spyware on users’ cellphones.

Share This:

Related

Filed Under: Editorial Articles Tagged With: Infosec news

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • An Update on Section 230

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use