China installing data-stealing malware on tourists' phones?


04 Jul 2019

Tourists visiting China are being forced to install 'data-stealing' malware

If you are a privacy freak (like me), visiting China shouldn't be on your travel bucket list.

A joint investigation by multiple media outlets has revealed that the Chinese government is installing malware on the phones of foreign tourists.

The program, as the reports indicate, works in the background, harvesting a wide range of data for the government.

Here's all about the snooping practice.


Tourists being asked to install spying malware

Tourists being asked to install spying malware

Just recently, The Guardian got its hands on a program that Chinese border officers asked tourists crossing into the Xinjiang region, to install.

The app should have been uninstalled before their return, but that didn't happen, which gave the organization a chance to analyze it.

The analysis, conducted by NYT, Vice, Süddeutsche Zeitung and German broadcaster NDR, revealed the program was a spying malware.

Function #1

What this malware did on the devices

After reverse engineering the malware, which goes by the name CellHunter, the outlets found it had two key functions: steal personal data from the target device and search for files on it.

It mined emails, contact numbers, messages, phone logs, calendar entries, social media identifiers as well as phone details like unique device identifiers and the last cell tower it had connected to.

Love World news?

Stay updated with the latest happenings.

Yes, notify me

Function #2

Plus, it scans the device for suspicious files

Plus, it scans the device for suspicious files

In addition to data collection, the app scans the target device for more than 70,000 files the Chinese government considers suspicious.

This includes MP3 files, pictures, and documents featuring extremist material such as Dabiq and Inspire, propaganda content by ISIS and al-Qaeda.

It even scanned for writings of the Dalai Lama, Quran, as well as content on the history and culture of Xinjiang.


Reporter witnessed this surveillance in person

Notably, spying act was even confirmed by a Süddeutsche Zeitung reporter who crossed the border and witnessed the program being installed by Chinese border officers.

The data stolen by it is stored on a server on the border office's local intranet, but there is no evidence that the same program is also used for tracking the visitors' movements in the country.

Here's what Maya Wang, researcher at Human Rights Watch, said

"We already know that Xinjiang residents, particularly Turkic Muslims, are subjected to round-the-clock and multidimensional surveillance," Vice quoted Maya Wang, China senior researcher at Human Rights Watch, as saying. "[This malware] suggests that even foreigners are subjected to such mass and unlawful surveillance."

Share this timeline




Dalai Lama


Human Rights Watch


Maya Wang




Süddeutsche Zeitung

Turkic Muslims

Share this timeline

Ask NewsBytes
User Image

Next Timeline