


Chinese Authorities Are Using a New Tool To Hack Seized Phones and Extract Data (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Security researchers say Chinese authorities are using a new type of malware to extract data from seized phones, allowing them to obtain text messages -- including from chat apps such as Signal -- images, location histories, audio recordings, contacts, and more. In a report shared exclusively with TechCrunch, mobile cybersecurity company Lookout detailed the hacking tool called Massistant, which the company said was developed by Chinese tech giant Xiamen Meiya Pico.
Massistant, according to Lookout, is Android software used for the forensic extraction of data from mobile phones, meaning the authorities using it need to have physical access to those devices. While Lookout doesn't know for sure which Chinese police agencies are using the tool, its use is assumed widespread, which means Chinese residents, as well as travelers to China, should be aware of the tool's existence and the risks it poses. [...]
The good news ... is that Massistant leaves evidence of its compromise on the seized device, meaning users can potentially identify and delete the malware, either because the hacking tool appears as an app, or can be found and deleted using more sophisticated tools such as the Android Debug Bridge, a command line tool that lets a user connect to a device through their computer. The bad news is that at the time of installing Massistant, the damage is done, and authorities already have the person's data. "It's a big concern. I think anybody who's traveling in the region needs to be aware that the device that they bring into the country could very well be confiscated and anything that's on it could be collected," said Kristina Balaam, a researcher at Lookout who analyzed the malware. "I think it's something everybody should be aware of if they're traveling in the region."
Re: (Score:2)
Are there any vendors who specialize in travel-friendly burner phones? One probably wants a good camera for travel, so it will probably have to be rented, as buying a good camera'd phone just for travel is too much for we plebeians.
Re:If you're traveling (Score:5, Insightful)
My American friends who live in Spain came to the US purposefully leaving behind their phones. That in itself raised some eyebrows at the airport immigration control booth %^)
They did bring their SIM cards, and had pre-ordered an Android phone drop-shipped to an Amazon box here in Phoenix (AZ), and had hoped to just pop in the SIM and everything would work. But no - even GMail wasn't working right. Ended up taking days to sort it out, and had to overnight one of the SIMs back to Spain for a neighbor to take to the phone store and help sort out the issue. Apparently, once the carrier was convinced that there was no fraud going on, then they were able to get the phone running.
Sounds like a pain, but it's easier for me to carry my regular camera across the border and use a burner.
Re: (Score:2)
My American friends who live in Spain came to the US purposefully leaving behind their phones. That in itself raised some eyebrows at the airport immigration control booth %^)
They did bring their SIM cards, and had pre-ordered an Android phone drop-shipped to an Amazon box here in Phoenix (AZ), and had hoped to just pop in the SIM and everything would work. But no - even GMail wasn't working right. Ended up taking days to sort it out, and had to overnight one of the SIMs back to Spain for a neighbor to take to the phone store and help sort out the issue. Apparently, once the carrier was convinced that there was no fraud going on, then they were able to get the phone running.
Sounds like a pain, but it's easier for me to carry my regular camera across the border and use a burner.
I'm not sure how expensive phones are in Spain, but why didn't they just get a burner in Spain if you're going to use a Spanish SIM card? A fully functional cheap Android phone in the UK goes from as little as £70, although I'd be looking at around £150 for my needs. Before I got a dual SIM phone I just used to travel using an older phone anyway as I travel with a different SIM to the one I use in the UK.
As for cameras, I believe in carrying one on holiday because you get better shots with de
Re: (Score:1)
Or just stay out.
Re: (Score:2)
I would argue that one should not bring electronic devices to nearly any "foreign" country on the planet given the current state of affairs (as an example, most European countries reserve the right to examine electronic devices, if they suspect the device contains information relevant to customs violations, immigration issues, or national security threats (e.g., terrorism, smuggling, or illegal content) -- any one of which is a hole big enough to drive a truck through).
Use a burner when travelling (Score:5, Informative)
Re: (Score:3)
Won't somebody think of the autocrats?!?
Re: (Score:2)
You try that first. You may tell us your experiences later, if you survive.
Re: (Score:2)
Mess with them: place triggering content on it like Tank Man, Taiwan-is-real-China meme, and Satanic Pooh Bear. [reddit.com]
When they spot it just say, "It's a burner phone I bought on the street, I didn't put that on."
However, they'll still probably hold or harass you for a few days.
They won't hold or harass you. They'll simply say "Entry denied. Your flight home is at 2:00. Have a nice day." and your expensive vacation or business trip is now ended. Congratulations on the self-own.
Re: (Score:2)
The state of the world is such nowadays that you should not take your regular electronic devices across borders. Any borders.
My time and convenience is worth more than the infinitesimal risk of being harassed/detained/killed by the border control agents. If you are an activist, bring burner devices. Otherwise, bring a burner if you find it titillating to use a burner during your trip.
Re: (Score:2)
Re: (Score:2)
Where did I say or imply that?
Re: (Score:2)
The state of the world is such nowadays that you should not take your regular electronic devices across borders. Any borders.
The only borders I'd be concerned about taking a sensitive phone across are those around despotic regimes like North Korea, China, Iran, Saudi Arabia and the United States. I'd take my phone over most western, Asian or South American borders without a second thought because Thailand/Germany/Australia/Canada/Dominican Republic/et al. couldn't care less about inspecting my phone unless I've become a suspect in a crime... which has never happened to anyone I know.
The US CBP has always had a hard on against
Makes more sense (Score:1)
I originally read the headline as "....hack seized photos...."
Thought a minute. Re-read it.
"Phones" does make more sense here than "photos".
This is laziness (Score:2)
If one is crossing a border, any applet with a built-in communication history should be uninstalled: Remove the history, remove the address book, remove the identity. Government agents have been spying on phones for 15 years. Why are people still getting caught? They're thinking it "won't happen to me". They don't want to put the time in, deleting their history and then act surprised when their history is stolen.
Re: (Score:2)
If one is crossing a border, any applet with a built-in communication history should be uninstalled
All they need is your phone number, user name, IMEI and they'll just fetch all that stuff from your cloud backup or telecom logs. If one is crossing a border, leave your phone at home.
Is this necessary? (Score:2)
Re: (Score:2)
"The malware must be planted on an unlocked device"
So, is some special malware needed when the police get an unlocked phone? Isn't the problem simply that the police have an unlocked phone?
Re: (Score:2)
Well, they need a new one because the old wrench finally wore out (made of Chinesium, not that good stuff SnapOn uses).
Bigotry, much? (Score:1)
So, they supposedly have a tool.
Big f'ing deal. Even if true, no way they are anywhere close to the USA level of intrusiveness or enforcement. The USA is terrible...to the point where this tool is almost a joke, it seems.
Actually, the way it is described is so pathetic that it makes me wonder if the report is real.
Re: (Score:2)
Re: (Score:1)
Whataboutism much?
I'd like to see you post your own article instead of pooh-poohing this one.
So, IOW (Score:2)
Buy an iPhone. :-)
The next deal from el Bunko (Score:2)
Press Release: el Bunko, Grifter-in-Chief, has just announced a Deal to acquire Chinese Snoop Technology (with AI) that will make America Stronger!!!
"People have been saying I am the Greatest Dealmaker Ever in the History of World. No one has ever seen anything like it!!"