A recent security study revealed that Chinese authorities are using malware Massistant to extract personal data from seized smartphones.
Malware Massistant and Its Purpose
According to research firm Lookout, Chinese police can seize any phone or computer without a warrant and immediately access personal data. Malware Massistant extracts SMS messages, images, audio and video files, as well as GPS data.
Risks for Smartphone Users in China
Chinese citizens have reported multiple times finding malware on their phones after interactions with the police. Tourists, businessmen, and employees from multinational companies risk having their smartphones confiscated by Chinese authorities, potentially leading to a leak of sensitive data.
Previously Identified Threats and Reactions
Massistant is a successor to the tool MSSocket, developed by Xiamen Meiya Pico. In 2021, this company was sanctioned by the Office of Foreign Assets Control (OFAC). According to OFAC, the company poses a significant threat to U.S. national security due to its role in developing and distributing surveillance technologies.
The use of Massistant highlights significant risks faced by smartphone users in China. These actions also raise issues regarding human rights and authoritarian surveillance methods.
