Skip to main content

China installs spyware on tourists’ Android phones, downloads data from iPhones

Foreigners visiting certain areas of China are having their smartphones searched at the border. With Android phones, authorities install a piece of spyware that has access to the user’s calendar, phone contacts, call logs, and text messages — as well as the apps they use and their usernames in some of those apps.

iOS protections mean that an iPhone app wouldn’t give them the same access, so they instead take a different approach …

For iPhones, Vice reports that border officials appear to be using equipment to download data from iPhones.

The Süddeutsche Zeitung reporter said they saw machines that appeared to be for searching iPhones at the border.

This is most likely something along the lines of Cellebrite’s Universal Forensic Extraction Device (UFED). These devices allow most data to be captured from an iPhone.

The intrusive surveillance applies to foreign visitors to the Xinjiang region.

Foreigners crossing certain Chinese borders into the Xinjiang region, where authorities are conducting a massive campaign of surveillance and oppression against the local Muslim population, are being forced to install a piece of malware on their phones that gives all of their text messages as well as other pieces of data to the authorities, a collaboration by Motherboard, Süddeutsche Zeitung, the Guardian, the New York Times, and the German public broadcaster NDR has found […]

The Android malware, which is installed by a border guard when they physically seize the phone, also scans the tourist or traveller’s device for a specific set of files, according to multiple expert analyses of the software. The files authorities are looking for include Islamic extremist content, but also innocuous Islamic material, academic books on Islam by leading researchers, and even music from a Japanese metal band […]

Once installed on an Android phone, by “side-loading” its installation and requesting certain permissions rather than downloading it from the Google Play Store, BXAQ collects all of the phone’s calendar entries, phone contacts, call logs, and text messages and uploads them to a server, according to expert analysis. The malware also scans the phone to see which apps are installed, and extracts the subject’s usernames for some installed apps.

It’s increasingly common for border officials around the world to carry out searches of smartphones belonging to visitors and citizens alike, one U.S. citizen last year suing U.S. Customs and Border Protection over what she claimed was the illegal seizure and search of her iPhone at Newark airport. But installing spyware on Android phones is a whole other level.

FTC: We use income earning auto affiliate links. More.

Hyper Cube automatic iPhone backups
You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Check out 9to5Mac on YouTube for more Apple news:

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications