Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md Update README.md Jul 2, 2019
base.apk Add files via upload Jul 1, 2019

README.md

bxaq

An APK Chinese authorities load onto the Android phones of foreigners crossing into Xinjiang.

The app goes by the names BXAQ or Fengcai, and also includes references to "CellHunter" and "MobileHunter" in its code.

The app is the focus of a collaboration by Motherboard, Süddeutsche Zeitung, the Guardian, the New York Times, and the German public broadcaster NDR. Cure53 on behalf of the Open Technology Fund, Citizen Lab from the University of Toronto, and researchers from the Ruhr University Bochum all provided insights and analysis into the app.

Once installed on an Android phone, BXAQ collects all of the phone's calendar entries, phone contacts, call logs, and text messages and uploads them to a server. The malware also scans the phone for over 73,000 files.

Our coverage:

China Is Forcing Tourists to Install Text-Stealing Malware at its Border https://www.vice.com/en_us/article/7xgame/at-chinese-border-tourists-forced-to-install-a-text-stealing-piece-of-malware

The 73,000 Things You Can’t Have on Your Phone in China https://www.nytimes.com/2019/07/02/technology/china-xinjiang-app.html

Chinese border guards put secret surveillance app on tourists' phones https://www.theguardian.com/world/2019/jul/02/chinese-border-guards-surveillance-app-tourists-phones

Wie eine Polizei-App Touristen in China ausspäht https://www.sueddeutsche.de/politik/china-app-ueberwachung-touristen-1.4508470

Technical Reports:

Analyzing MobileHunter https://dwuid.com/content/analyzing-mobilehunter

Analysis-Report Chinese Police App “BXAQ” 03.2019 https://cure53.de/analysis-report_bxaq.pdf

You can’t perform that action at this time.