China is already notorious for its aggressive security and monitoring operations, but now it has taken things to the next level. A Vice report says that Chinese border guards are forcing tourists to install an application, which is basically malware, on their phones. This software goes through the calls, messages and contacts on the phone and scans it for thousands of different documents.
It turns out that this practice is not happening at every station, but there is no doubt that it is happening and that the government has authorized it. Many tourists have reported such incidents while entering the Xinjiang area – home of the Uighur population. The Uighurs are Turkic Muslims; millions of them live in China, most of them in Xinjiang.
The Chinese government has been openly hostile towards the Uighurs for years and has organized large-scale surveillance and detention camps for them. It appears that the new malware, named BXAQ or Fengcai, aims to monitor the Uighur people and their sympathizers. There is heavy security at the Xinjiang border, and as part of the investigation process visitors have to hand over their smartphones for a search.
Vice received a copy of the malware, and it was analyzed by security firms. The software is nothing remarkable, because it does not take advantage of any security vulnerabilities or weaknesses. Instead, it copies information in bulk from the phone and sends it to Chinese servers. Fengcai is basically an Android app that requires many sensitive permissions.
The app abuses those permissions to the fullest, and the guards actually have to side-load the app. This means bypassing many levels of security that exist by default to prevent accidental installation of unverified apps.
After installation, the app also sends the phone's messaging history, contacts, calendar entries, and even login details to Chinese servers.
After copying the data, Fengcai / BXAQ scans the phone for more than 70,000 documents – from extremist Islamic content to harmless things like the Quran or information about the Dalai Lama. It even looks for a Japanese metal band, “Unholy Grave”, because the band has a song about Taiwan.
It appears that the app is designed to be uninstalled after the data collection process is finished, because it has a big “uninstall” button on it. But perhaps the guards do not take enough care to remove it afterwards.
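Because the app is side-loaded and asks for access to messages, contacts, calendar entries and calls, a leftover install stands out in the phone's package list. The following is an added example, not code from Vice or the analysts: it parses the output of `adb shell pm list packages -i -3` and `adb shell dumpsys package <name>` and flags apps that did not come from a store yet request those permissions. The trusted-installer list and all sample data are assumptions constructed for illustration.

```python
import re

# Permissions covering the data the article says is copied (messages, contacts, calendar, calls).
SENSITIVE = {"android.permission.READ_SMS", "android.permission.READ_CONTACTS",
             "android.permission.READ_CALENDAR", "android.permission.READ_CALL_LOG"}
# Assumption: installers treated as app stores; extend for your device.
TRUSTED_INSTALLERS = {"com.android.vending"}

def parse_installers(pm_output):
    """Map package -> installer from `pm list packages -i -3` output."""
    return dict(re.findall(r"package:(\S+)\s+installer=(\S+)", pm_output))

def parse_requested_permissions(dumpsys_output):
    """Collect names listed under 'requested permissions:' in dumpsys output."""
    perms, in_section = set(), False
    for line in dumpsys_output.splitlines():
        text = line.strip()
        if text == "requested permissions:":
            in_section = True
        elif in_section:
            name = text.split(":")[0]  # drop suffixes such as ": restricted=true"
            if re.fullmatch(r"\w+(\.\w+)+", name):
                perms.add(name)
            else:                      # the next section header ends the list
                in_section = False
    return perms

def flag_sideloaded(pm_output, dumpsys_by_package):
    """Return {package: sensitive permissions} for apps not from a store."""
    flagged = {}
    for pkg, installer in parse_installers(pm_output).items():
        dump = dumpsys_by_package.get(pkg, "")
        hits = SENSITIVE & parse_requested_permissions(dump)
        if installer not in TRUSTED_INSTALLERS and hits:
            flagged[pkg] = sorted(hits)
    return flagged

# Constructed sample output; package names are placeholders, not the real app.
SAMPLE_PM = ("package:com.example.notes  installer=com.android.vending\n"
             "package:com.example.sideloaded  installer=null\n"
             "package:com.example.game  installer=null\n")
SIDELOADED_DUMP = """    requested permissions:
      android.permission.READ_SMS: restricted=true
      android.permission.READ_CONTACTS
      android.permission.INTERNET
    install permissions:
      android.permission.INTERNET: granted=true"""
SAMPLE_DUMPSYS = {"com.example.sideloaded": SIDELOADED_DUMP,
                  "com.example.game": "requested permissions:\n  android.permission.INTERNET"}
```

Calling `flag_sideloaded(SAMPLE_PM, SAMPLE_DUMPSYS)` reports only the side-loaded package that asks for message and contact access.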
A copy of the Android APK has been uploaded to GitHub by Motherboard, but you should not install it. Meanwhile, tourists in other parts of China did not face such issues. However, it would not be surprising if something of this kind cropped up somewhere else.