• EagleMsgSpy is a lawful intercept surveillance tool developed by a Chinese software development company with use by public security bureaus in mainland China.
  • Early samples indicate the surveillance tool has been operational since at least 2017, with development continued into late 2024.
  • The surveillanceware consists of two parts: an installer APK, and a surveillance client that runs headlessly on the device when installed.
  • EagleMsgSpy collects extensive data from the user: third-party chat messages, screen recording and screenshot capture, audio recordings, call logs, device contacts, SMS messages, location data, network activity.
  • Infrastructure overlap and artifacts from open command and control directories allow us to attribute the surveillanceware to Wuhan Chinasoft Token Information Technology Co., Ltd. (武汉中软通证信息技术有限公司) with high confidence.
  • SpaghettiYeti@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    11 days ago

    Device must be unlocked to install, typically installed by authorities

    Its not on the play store

    Minimal risk to all