An APK Chinese authorities load onto the Android phones of foreigners crossing into Xinjiang.
The app goes by the names BXAQ or Fengcai, and also includes references to "CellHunter" and "MobileHunter" in its code.
The app is the focus of a collaboration by Motherboard, Süddeutsche Zeitung, the Guardian, the New York Times, and the German public broadcaster NDR. Cure53 on behalf of the Open Technology Fund, Citizen Lab from the University of Toronto, and researchers from the Ruhr University Bochum all provided insights and analysis into the app.
Once installed on an Android phone, BXAQ collects all of the phone's calendar entries, phone contacts, call logs, and text messages and uploads them to a server. The malware also scans the phone for over 73,000 files.
Our coverage:
China Is Forcing Tourists to Install Text-Stealing Malware at its Border https://www.vice.com/en_us/article/7xgame/at-chinese-border-tourists-forced-to-install-a-text-stealing-piece-of-malware
The 73,000 Things You Can’t Have on Your Phone in China https://www.nytimes.com/2019/07/02/technology/china-xinjiang-app.html
Chinese border guards put secret surveillance app on tourists' phones https://www.theguardian.com/world/2019/jul/02/chinese-border-guards-surveillance-app-tourists-phones
Wie eine Polizei-App Touristen in China ausspäht https://www.sueddeutsche.de/politik/china-app-ueberwachung-touristen-1.4508470
Technical Reports:
Analyzing MobileHunter https://dwuid.com/content/analyzing-mobilehunter
Analysis-Report Chinese Police App “BXAQ” 03.2019 https://cure53.de/analysis-report_bxaq.pdf