Chinese government's app caught spying on 100 million Android users
A Germany-based cybersecurity firm has claimed that the Chinese Communist party has been spying on people using its own app. The folks at the firm inspected the app, dubbed Study the Great Nation, and found that it carries backdoors opening access to confidential data on as many as 100 million Android devices. Here's all you need to know about it.
App backdoor opening access to phone storage
During a recent analysis of Study the Great Nation, Germany's Cure53 discovered that the app has been designed with weak encryption. They found poorly secured mail, biometric functions and noted that it stores data in such a way that other apps can access them easily. So, if there are other government apps on your phone, they could read the information saved by this one.
Also, there's this scary 'superuser' access
Along with the poorly secured features, the researchers also discovered a command-line that can be used to gain 'superuser' access to a device. This essentially increases the app's access to the data stored on the phone and can be used by authorities to track the location of a device, record audio on it, or make a call to any number without permission.
A lot of personal data at risk
The researchers emphasized that the backdoors in the app can easily be leveraged by the Chinese government to gain access to photos, messages, browsing history, and contacts of phones. "The access itself is significant," Adam Lynn, the Director of Open Technology Fund, which commissioned this study, told The Washington Post. "It can take over the entire device, and it could be sending back information."
This could ultimately pose a threat to citizens
The level of information that this app reveals can easily be used by the Chinese government to find and capture political dissidents or people who tend to raise their voice against the authoritarian government. Also, as the app was specifically designed to push the party's propaganda, there is a good chance that some spying might be happening in the background to track potential dissenters.
