Chinese police use app to spy on citizens’ smartphones

Chinese police are installing intrusive data-harvesting software on ordinary citizens’ smartphones during random street checks even when they are not suspected of any crime, new research shows.

The move suggests Chinese police are using highly invasive surveillance techniques, similar to those deployed in the restive western region of Xinjiang, in the rest of China.

The software, a smartphone application called MFSocket, provides access to image and audio files, location data, call logs, messages and the phone’s calendar and contacts, including those used in the messaging app Telegram, French security researcher Baptiste Robert said. 

The MFSocket application is installed on the phone by connecting it to a computer with the necessary software. The application then opens a port that allows the device’s data to be extracted, he said. 

The move underlines how China is stepping up investment in its so-called “surveillance state” as the Communist party under President Xi Jinping tightens its grip on dissent.

For nearly a decade, China has spent more on internal security than on its already considerable defence budget, pouring resources into a vast network of cameras and applications that use artificial intelligence and cloud computing to identify and track China’s 1.34bn people.

Chinese internet users have complained online about police installing the MFSocket application on their smartphones — often during everyday interactions such as passing through subway security checks — in a series of incidents recently documented by Xiao Muyi, an editor at the online magazine ChinaFile. 

In January, one internet user said on the popular review website that the police had installed the app on the user’s handset, according to the device’s smartphone log. This occurred when the user was briefly detained by local authorities for sharing a news article from an outlet blocked in mainland China. 

Edward Schwarck, a doctoral candidate studying Chinese public security at the University of Oxford, said the use of the MFSocket app showed that police were attempting to move towards “intelligence-led” policing — investigations designed to anticipate illegal acts before they happen.

“The end result is that the security state is becoming much more resilient. They are not just responding to threats any more but are pre-empting them,” said Mr Schwarck.

The tactic is similar to surveillance methods used by China in Xinjiang, where an estimated 1.5m Muslims are being detained in internment camps, analysts said. 

In a separate piece of research released this week, Berlin-based cyber security firm Cure53, in collaboration with Motherboard, Süddeutsche Zeitung, Guardian, New York Times, and German broadcaster NDR, found that Chinese police were also installing invasive data extraction software on phones at the border between Xinjiang and Central Asia.

The software is installed on the smartphones of foreign tourists and traders crossing the border and collects data such as call logs, text messages and contacts, which it uploads to a local police server, Cure53 found.

The app, called Fengcai or BXAQ, also checks files on the phones against a list of more than 70,000 “forbidden” files and “appears to be used surreptitiously — installed, used, and uninstalled in a single session”, it said.

Security researcher Mr Robert said the MFSocket application was almost certainly developed by Chinese electronic forensics company Meiya Pico, based on certificates attached to the software. 

Neither Meiya Pico nor China’s public security department responded to requests for comment. 

[optin-cat id=7010]