Cyber security researchers have highlighted a mobile forensic equipment On a large scale It is used by law enforcement officers in China to collect information from seized mobile devices.
Hacking Tool, which is considered the successor of MFSOCKET, SDIC Intelligence Xiamen Information CO., Ltd. A Chinese called a Chinese company has been developed, earlier known as Meiya Pico. This electronic data specializes in research, development and sale of forensic and network information safety technology products.
According to a report published by the lookout, the menstant works closely with a related desktop software, allowing the GPS location of the device to access data, SMS messages, pictures, audio, contact and phone services.
Security researcher Christina Balam said, “Meya Pico maintains partnership with domestic and international law enforcement partners, both as a monitoring hardware and software provider, as well as training programs for law enforcement personnel,” said security researcher Christina Balam.
Masistant requires physical access to the device to install the application, which means that it can be used to collect data from devices seized from individuals when it is stopped at boundary posts.
Lookout said it received large -scale samples in mid -2019 and early 2023 and was signed with an Android signing certificate in terms of Meya Pico.
Both the menstanters and its preceding, MFSOCKET, similarly work that they need to be connected to the desktop computers running forensic software to remove data from the device. Once launched on the phone, the tool motivates users to give IT permissions to access sensitive data, after which no other interaction is required.
“If the user tries to get out of the application, they get a notice that the application is in ‘data’ mode and there will be some error from exit,” Balam explained. “This message is translated into only two languages: Chinese (simplified character) and ‘US’ English.”
The application is designed in such a way that it automatically uninstalls from the device when it is disconnected from the USB. Masistant also expands on the characteristics of the MFSocket to incorporate the ability to connect to the phone using Android Debug Bridge (ADB) on Wi-Fi and download additional files in the device.
Another new functionality included in Masistant is to collect data from third -party messaging apps beyond telegram to include signals and latestocks, a Taiwanese chat application with over 100,000 downloads on Android.
While the analysis of the lookout is mainly focused on the Android version of the Massist, the images shared on its website show iPhones associated with its forensic hardware device, suggests that Apple is equivalent to an iOS for drawing data from the devices.
The fact is that Meya Pico can also be focused on iOS equipment, which is from various patents filed by the company, which is related to collecting evidence from Android and iOS devices including Voiceprints for Internet related matters.
“Voiceprint characteristics are one of the important biological characteristics of the human body, and can specifically determine the identity of a user,” according to a patent. “After the creation of the Voiceprint library, a plurality of police seeds can be served directly, and the efficiency and ability to detect and solve the case of the respective organization can be effectively improved.”
The participation of the digital forensic firm in the monitoring location is not new. In December 2017, The Wall Street Journal reported that the company worked with police officers in North-Western China at the capital of Shinjiang Uyghur Autonomous region ürümqi to scan the smartphone for terrorism-related material.
Four years later, the American department of the Treasury’s office approved Mia Pico to enable the Office of Foreign Property Control (OFAC) to “biometric monitoring and the trekking of ethnic and religious minorities in China, especially Muslim Uygur minority in Shinjiang.”
Lukout said, “The mainland has the ability to travel within the mainland China and to acquire tourists, business travelers, and interested individuals as part of their confidential obstruction initiative by the state police.”
This disclosure comes a few months later when the lookout detects another spyware, called Eagle, which is used by Chinese police departments as a valid interception tool to collect a wide range of information from mobile equipment.
