China’s government is forcing foreigners trying to enter the Xinjiang region to install on their smartphones a malware variant capable of extracting their text messages, among other files. According to cybersecurity specialists, this information is used by China for mass surveillance of Xinjiang, where the Muslim population lives under extreme oppression.
China border agents install Android malware at various checkpoints; in addition to extracting the user’s messages, the malware also scans the device for a specific set of files and software of interest to China. The main objective of the Chinese government is to confiscate propaganda material on Islamic extremism.
Thanks to a tourist who collaborated with cybersecurity experts, it was possible to obtain a sample of the malware, which was thoroughly analyzed. Multiple security firms, such as Citizen Lab of the University of Toronto, and Ruhr University of Bochum investigated this malware, known as BXAQ, concluding that the code is composed of other tools such as CellHunter and MobileHunter.
The researchers claim that, after completing its installation, BXAQ begins to collect as much user information as possible, such as calendar entries, phone contacts, call log and text messages. Finally, BXAQ sends all the information to a server, controlled by the Chinese authorities. The app is designed to be removed from the device after fulfilling its mission.
“China’s surveillance against the Muslim community in Xinjiang is one of the most invasive and illegal systematic practices in the world,” says a spokesperson for the NGO Privacy International. “Modern apps, platforms, and devices generate huge amounts of data that people probably don’t even know or think they’ve deleted, but can be found on their devices.”
Previously, cybersecurity specialists from the International Institute of Cyber Security (IICS) conducted research on KingWang, a malware that China installed on devices in the Xinjiang region to seek propaganda from pro-Islam, for which, despite being a questionable practice, is not something new for the people of Xinjiang.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.