Lookout Discovers Massistant Chinese Mobile Forensic Tooling
lookout.com -
* Massistant is a mobile forensics application used by law enforcement in China to collect extensive information from mobile devices.
* Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico.
* The forensics tool works in tandem with a corresponding desktop software.
* Massistant gains access to device GPS location data, SMS messages, images, audio, contacts and phone services.
* Meiya Pico maintains partnerships with domestic and international law enforcement partners, both as a surveillance hardware and software provider, as well as through training programs for law enforcement personnel.
* Travel to and within mainland China carries with it the potential for tourists, business travelers, and persons of interest to have their confidential mobile data acquired as part of lawful intercept initiatives by state police.

Researchers at the Lookout Threat Lab have discovered a mobile forensics application named Massistant, used by law enforcement in China to collect extensive information from mobile devices. This application is believed to be the successor to a previously reported forensics tool named “MFSocket” used by state police and reported by various media outlets in 2019. These samples require physical access to the device to install, and were not distributed through the Google Play store.

Forensics tools are used by law enforcement personnel to collect sensitive data from a device confiscated by customs officials, at local or provincial border checkpoints or when stopped by law enforcement officers. These tools can pose a risk to enterprise organizations with executives and employees that travel abroad - especially to countries with border patrol policies that allow them to confiscate mobile devices for a short period of time upon entry.

In 2024, the Ministry of State Security introduced new legislation that would allow law enforcement personnel to collect and analyze devices without a warrant. There have been anecdotal reports of Chinese law enforcement collecting and analyzing the devices of business travellers. In some cases, researchers have discovered persistent, headless surveillance modules on devices confiscated and then returned by law enforcement such that mobile device activity can continue to be monitored even after the device has been returned.
·lookout.com·
SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation
This report details a newly identified and active fraud campaign, highlighting the emergence of sophisticated mobile malware leveraging innovative techniques:
* SuperCard X Malware: A novel Android malware offered through a Malware-as-a-Service (MaaS) model, enabling NFC relay attacks for fraudulent cash-outs.
* Evolving Threat Landscape: Demonstrates the continuous advancement of mobile malware in the financial sector, with NFC relay representing a significant new capability.
* Combined Attack Vectors: Employs a multi-stage approach combining social engineering (via smishing and phone calls), malicious application installation, and NFC data interception for highly effective fraud.
* Low Detection Rate: SuperCard X currently exhibits a low detection rate among antivirus solutions due to its focused functionality and minimalistic permission model.
* Broad Target Scope: The fraud scheme targets customers of banking institutions and card issuers, aiming to compromise payment card data.
·cleafy.com·