Official Chinese App Allows Backdoor Access To Phones, Warns Cure 53
Security vendor finds heavily promoted Chinese app contains code to allow state monitoring of phones
Security specialist Case 53 has warned that an educational app, heavily promoted by the Chinese state, contains a backdoor to allow for spying on its citizens.
According to Case 53, the ‘Study the Great Nation’ app which is officially backed by the Chinese Communist Party, can provide ‘super-user’ access for the Chinese government to people’s smartphones.
China is known for its ‘Great Chinese Firewall,’ a phrase coined because of the country’s strict online surveillance regulations that saw the adoption of a controversial cyber security law that gives the government even more control over the internet in that country.
Official app
The warning about this Chinese app came in a long report from Cure 53, and it said the app has apparently been downloaded more than 100 million times since its release in February 2019, and it has been heavily promoted by entities such as Chinese state media, universities, schools and similar parties.
It said that the “Study the Great Nation is a multifunctional smartphone application created around the Communist Party of China and the life of Xi Jinping.
It was reportedly “developed by the Parties Propaganda Department and tech-giant Alibaba, and allows for video chat with friends,sending messages that get deleted after having being read, creating a personal calendar, getting information via the state media or watching TV series about the History of the Communist Party of China.”
Use of the app is reportedly mandatory among party officials and civil servants, and from this month, local journalists must pass a test on the life of President Xi, delivered via the app, in order to obtain a press card.
Data gathering
Cure53 was tasked with reviewing the premise of this app by the Open Technology Fund, and the report said that “the app was found to perform extensive logging and storing of a significant amount of debug information in the SD card.”
“Although the amount of the data gathered by the app is extensive, this practice is not uncommon for commercial applications,” said the report. “That said, when it is performed at the government-level and given that the majority of citizens run this application, it essentially gives the government the capacity to determine – among other information – the location of every citizen at any single point in time.”
Another feature of the app “could provide the opportunity to efficiently collect, map and analyse personal information, biometric data and private messages in a centralised database,” the report said.
“This technical analysis and review of the “Study the Great Nation”application has demonstrated that the concerns expressed by Human RightsWatch are valid,” concluded the report. “Carried out by Cure53 in close collaboration with the OTF team, this August 2019 the project sheds light on six items from the perspective of potential violations of human rights.
“In a nutshell, judging by the research outputs and results of an in-depth analysis, theCure53 team finds it evident and undeniable that the examined application is capable of collecting and managing vast amounts of very specific data. It is certain that the gathered material can become a basis for further actions concerning a specific group (or groups) of citizens.”
“…the application’s functionality leads Cure53 to believe that violations of human rights are indeed taking place,” it warned.
The Chinese government however, according to the BBC, has denied the app had the monitoring functions listed by the cyber investigators.
Do you know all about security? Try our quiz!