China blocking Web sites? Not new. China seizing phones to install Apps from Hell? That’s new:
Foreigners crossing certain Chinese borders into the Xinjiang region, where authorities are conducting a massive campaign of surveillance and oppression against the local Muslim population, are being forced to install a piece of malware on their phones that gives all of their text messages as well as other pieces of data to the authorities, a collaboration by Motherboard, Süddeutsche Zeitung, the Guardian, the New York Times, and the German public broadcaster NDR has found.
The Android malware, which is installed by a border guard when they physically seize the phone, also scans the tourist or traveller’s device for a specific set of files, according to multiple expert analyses of the software. The files authorities are looking for include Islamic extremist content, but also innocuous Islamic material, academic books on Islam by leading researchers, and even music from a Japanese metal band.
Should we assume that this doesn’t work on iOS?
As usual with Communist regimes, the locals get it worse:
In no way is the downloading of tourists’ text messages and other mobile phone data comparable to the treatment of the Uighur population in Xinjiang, who live under the constant gaze of facial recognition systems, CCTV, and physical searches. Last week, VICE News published an undercover documentary detailing some of the human rights abuses and surveillance against the Uighur population. But the malware news shows that the Chinese government’s aggressive style of policing and surveillance in the Xinjiang region has extended to foreigners, too.
Google Play, your usual source for Android apps, has nothing to do with this one:
Once installed on an Android phone, by “side-loading” its installation and requesting certain permissions rather than downloading it from the Google Play Store, BXAQ collects all of the phone’s calendar entries, phone contacts, call logs, and text messages and uploads them to a server, according to expert analysis. The malware also scans the phone to see which apps are installed, and extracts the subject’s usernames for some installed apps. (Update: after the publication of this piece, multiple antivirus firms updated their products to flag the app as malware.)
Like the Chinese care if you flag their app.
(Via Joseph Cox.)