The Chinese authorities use a new tool to penetrate the seized phones and extract data

Security researchers say that the Chinese authorities use a new type of harmful programs to extract data from the seized phones, allowing them to obtain text messages – including chat applications such as sign – photos, site history, audio recordings, contacts, and more.

On Wednesday, Mobile Cybersecrance Lookout has published a new report – exclusive with Techcrunch – in detail the piracy tool called MASISTANT, which the company said was developed by the Chinese technology giant Xiamen Meiya Pico.

According to Lookout, the Android program is used to extract criminal data from mobile phones, which means that the authorities you use need material access to these devices. Although Lookout is not known for sure, that is, Chinese police agencies that use the tool, their use is widely, which means that both the Chinese population, as well as travelers to China, should be aware of the existence of the tool and the risks it offers.

“It is a great concern. I think anyone traveling in the region should realize that the device they bring to the country can be well confiscated and anything that can be collected,” said Christina Balm, a researcher at Lookout who analyzed malicious programs, before the report was released. “I think it is something that everyone should be aware of if they are traveling in the area.”

The mother found many publications in the local Chinese forums, where people complained of finding harmful programs installed on their devices after interactions with the police.

“It seems widely used, especially from what I saw in complaining about these Chinese forums,” said Balm.

Magistical programs, which must be planted on an insured device, and work alongside On the Xiamen Meiya Pico website.

Bloom said that Lukot cannot analyze the desktop component, and researchers cannot find a copy of the malware compatible with Apple devices. In an illustration on its website, Xiamen Meya Pico offers iPhone devices connected to the forensic device, indicating that the company may have a Massistant iOS version designed to extract data from Apple devices.

The police do not need advanced techniques to use the councils Zero days Balm said, based on what I read in these Chinese forums, that the defects in the software or devices that have not yet been revealed to the seller – as “people hand over their phones.”

At least 2024, Chinese state security police They had legal powers to search through phones and computers without the need for a judicial order or an active criminal investigation.

“If someone is moving through a border checkpoint and his devices are confiscated, he must be granted access to them,” Balm said. “I don’t think we see any real exploits of legal intersection tools just because they do not need it.”

And the good news, for each pain, is that Massistant leaves evidence of a compromise on the seized device, which means that users can determine and delete malware, either because the piracy tool appears as an application, or can be found and deleted using more advanced tools such as Android Debug BridgeThe command line tool that allows the user to connect to a device through their computer.

Bad news is that at the time of Massistant installation, damage is caused, and the authorities already have a person’s data.

According to mssockketAny security researchers analysis In 2019.

According to what was reported, Xiamen Meya Pico has a 40 % stake in the digital forensic market in China, and It was approved by the US government in 2021 For its role in providing its technology to the Chinese government.

The company did not respond to the TECHCRUNCH request for comment.

Palaam said that Massistant is only a large number of spyware or malware created by Chinese monitoring technology makers, in what she described as a “large ecosystem”. The researcher said that the company tracks at least 15 different families of harmful programs in China.