Security researchers have now discovered a powerful surveillance tool known as EagleMsgSpy reportedly used by Chinese law enforcement authorities to extract sensitive information from Android devices.

Identified by the US-based cybersecurity firm Lookout, the spyware has been in operation since at least 2017, as revealed at the Black Hat Europe conference.

EagleMsgSpy: A Comprehensive Surveillance System

The spyware's capabilities are alarming: it can collect extensive data, including call logs, GPS locations, and messages from apps like Telegram and WhatsApp, and can even initiate screen and audio recordings on targeted smartphones, The Hacker News highlights in its report.

EagleMsgSpy is described in an internal manual as a "comprehensive mobile phone judicial monitoring product." The tool lets law enforcement secretly access real-time data from a suspect's device.

Kristina Balaam, a senior intelligence researcher at Lookout, says the spyware has been widely accepted by many public security agencies in mainland China.

This is what the tool can do:

  • Accessing call logs and contact lists.
  • Monitoring GPS locations.
  • Capturing screen activity and audio recordings.
  • Extracting messages from popular third-party apps.

These features make EagleMsgSpy a very effective surveillance tool, allowing law enforcement agencies to track suspects' behavior in depth.

Developer Links to Chinese Public Security Bureaus

Research indicates that EagleMsgSpy was created by Wuhan Chinasoft Token Information Technology, a private Chinese tech company. The infrastructure of the spyware connects to public security bureaus, which are essentially local police stations in mainland China.

Its infrastructure overlaps with that of many other China-linked spyware tools, for instance CarbonSteal, which is known to be used against Tibetan and Uyghur communities. That tie makes it likely that EagleMsgSpy is part of even larger surveillance operations.

EagleMsgSpy's Impact Beyond China

While EagleMsgSpy seems to be used internally, its implications reach well beyond China. Travelers to the region will also be at risk of being targeted. Currently, the spyware requires physical access to a device, but ongoing development could lead to more sophisticated versions that don't require this.

Finally, Lookout's research shows that there may be an iOS version of EagleMsgSpy, which would take its reach to a whole other level.

"I think if it was just about domestic surveillance, they would stand up their infrastructure in some place that we couldn't access from North America. I think it gives us a bit of insight into the fact that they're hoping to be able to track people if they leave, whether they are Chinese citizens, or not," Balaam told TechCrunch.

Before you download or install anything on your Android device, be careful and check its legitimacy. Verify that its developer is legitimate and actually exists, because most malware-ridden apps are made by hackers disguised as genuine companies.

It's always important to practice extreme vigilance when it comes to online apps. Since the Google Play Store's security is weak, you always have to do your own background checks.

You can search the internet for the app's reviews. However, positive reviews can be deceiving, and this is sometimes part of the cybercriminal's plan to spread malware.

© Copyright 2024 Mobile & Apps, All rights reserved. Do not reproduce without permission.