Official Chinese App Allows Backdoor Access To Phones, Warns Cure 53

Security specialist Case 53 has warned that an educational app, heavily promoted by the Chinese state, contains a backdoor to allow for spying on its citizens.

According to Case 53, the ‘Study the Great Nation’ app which is officially backed by the Chinese Communist Party, can provide ‘super-user’ access for the Chinese government to people’s smartphones.

China is known for its ‘Great Chinese Firewall,’ a phrase coined because of the country’s strict online surveillance regulations that saw the adoption of a controversial cyber security law that gives the government even more control over the internet in that country.

Official app

The warning about this Chinese app came in a long report from Cure 53, and it said the app has apparently been downloaded more than 100 million times since its release in February 2019, and it has been heavily promoted by entities such as Chinese state media, universities, schools and similar parties.

It said that the “Study the Great Nation is a multifunctional smartphone application created around the Communist Party of China and the life of Xi Jinping.

It was reportedly “developed by the Parties Propaganda Department and tech-giant Alibaba, and allows for video chat with friends,sending messages that get deleted after having being read, creating a personal calendar, getting information via the state media or watching TV series about the History of the Communist Party of China.”

Use of the app is reportedly mandatory among party officials and civil servants, and from this month, local journalists must pass a test on the life of President Xi, delivered via the app, in order to obtain a press card.

Data gathering

Cure53 was tasked with reviewing the premise of this app by the Open Technology Fund, and the report said that “the app was found to perform extensive logging and storing of a significant amount of debug information in the SD card.”

“Although the amount of the data gathered by the app is extensive, this practice is not uncommon for commercial applications,” said the report. “That said, when it is performed at the government-level and given that the majority of citizens run this application, it essentially gives the government the capacity to determine – among other information – the location of every citizen at any single point in time.”

Another feature of the app “could provide the opportunity to efficiently collect, map and analyse personal information, biometric data and private messages in a centralised database,” the report said.

“This technical analysis and review of the “Study the Great Nation”application has demonstrated that the concerns expressed by Human RightsWatch are valid,” concluded the report. “Carried out by Cure53 in close collaboration with the OTF team, this August 2019 the project sheds light on six items from the perspective of potential violations of human rights.

“In a nutshell, judging by the research outputs and results of an in-depth analysis, theCure53 team finds it evident and undeniable that the examined application is capable of collecting and managing vast amounts of very specific data. It is certain that the gathered material can become a basis for further actions concerning a specific group (or groups) of citizens.”

“…the application’s functionality leads Cure53 to believe that violations of human rights are indeed taking place,” it warned.

The Chinese government however, according to the BBC, has denied the app had the monitoring functions listed by the cyber investigators.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Canon Suffers Ransomware Attack, With 10TB Of Data Stolen – Report

Report suggests Canon has been crippled with a ransomware attack with allegedly 10TB of data,…

18 hours ago

Uber Expands UK Reach With Autocab Buy

Amid consolidation in the taxi sector caused by Coronavirus lockdown, Uber purchases British rival Autocab…

18 hours ago

TikTok Selects Ireland For First European Data Centre

Ireland to get another data centre after the Chinese-owned short video app TikTok announces first…

19 hours ago

Google Plus Users To Receive Financial Settlement

American users of the defunct Google Plus can claim $12 as part of a lawsuit…

21 hours ago

Twitter, Facebook Delete Trump Posts About Children And Coronavirus

Social networking giants temporarily restrict the Facebook and Twitter accounts of President Trump over harmful…

23 hours ago

Teenager Pleads Not Guilty To Organising Twitter Hack

Not me, gov'nor. Florida-based teenager pleads not guilty to masterminding major hack of Twitter's internal…

2 days ago