Security researchers have discovered a new mobile surveillance tool called EagleMsgSpy, which Chinese law enforcement uses to gather extensive data from Android devices. The tool, operational since at least 2017, is believed to have been developed by Wuhan Chinasoft Token Information Technology Co., Ltd. EagleMsgSpy requires physical access to a device to install a stealthy surveillance module. Once installed, it collects a wide range of sensitive user data, including chat messages, screen recordings, audio, call logs, contacts, SMS, location data, and network activity. This data is then transmitted to a command-and-control server.
The EagleMsgSpy tool also leverages Notification Listener and Accessibility Services to monitor device activity and intercept messages from popular apps like QQ, Telegram, Viber, WhatsApp, and WeChat. The installer component requires a "channel" or "account" input upon installation, which suggests the tool is likely used by multiple customers. Researchers also observed that the obfuscation and the storage of encrypted keys grew more sophisticated over time. The tool appears designed for judicial monitoring, allowing remote installation and data collection without user knowledge. The discovery raises significant concerns about privacy and the potential misuse of gathered information.
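
A defender-side check that follows from the Notification Listener and Accessibility Services abuse described above, added here as an example and not taken from the researchers' report: it parses the Android secure settings `enabled_notification_listeners` and `enabled_accessibility_services` (as printed by `adb shell settings get secure <key>`) and lists every service whose package is outside an allowlist. The allowlist, the `com.example.sysupdate` package and all class names are assumptions constructed for the example.

```python
import subprocess

# Settings.Secure keys; each holds a colon-separated list of "package/class".
KEYS = ("enabled_notification_listeners", "enabled_accessibility_services")
# Assumption: packages this fleet expects to hold these privileges.
ALLOWLIST = {"com.google.android.marvin.talkback", "com.google.android.projection.gearhead"}

def parse_components(raw):
    """Split one secure-settings value into (package, class) pairs."""
    raw = (raw or "").strip()
    if raw in ("", "null"):  # `settings get` prints "null" when the key is unset
        return []
    pairs = []
    for item in raw.split(":"):
        pkg, _, cls = item.strip().partition("/")
        if pkg:  # short form ".Svc" is relative to the package name
            pairs.append((pkg, pkg + cls if cls.startswith(".") else cls))
    return pairs

def audit(settings, allowlist=ALLOWLIST):
    """Return sorted (key, package, class) for services outside the allowlist."""
    return sorted((key, pkg, cls)
                  for key in KEYS
                  for pkg, cls in parse_components(settings.get(key))
                  if pkg not in allowlist)

def read_device_settings(serial=None):
    """Read both keys from a device over adb (USB debugging must be enabled)."""
    base = ["adb"] + (["-s", serial] if serial else [])
    out = {}
    for key in KEYS:
        cmd = base + ["shell", "settings", "get", "secure", key]
        out[key] = subprocess.run(cmd, capture_output=True, text=True, check=True).stdout
    return out

# Constructed sample values; com.example.sysupdate and all class names are made up.
SAMPLE = {
    "enabled_notification_listeners":
        "com.google.android.projection.gearhead/.Listener:"
        "com.example.sysupdate/com.example.sysupdate.NotifySvc",
    "enabled_accessibility_services":
        "com.google.android.marvin.talkback/.TalkBackService:"
        "com.example.sysupdate/.AccessSvc",
}

if __name__ == "__main__":
    for key, pkg, cls in audit(SAMPLE):  # use read_device_settings() on a live device
        print(f"[review] {key}: {pkg} ({cls})")
```

A finding is a lead for manual review of the package, not proof of compromise, and an empty result does not clear a device.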