The Chinese authorities have moved swiftly to delete from the web the embarrassing revelation that police in Zhejiang province procured a $24,000 mobile trojan to spy on Android and iPhone users in the region.
The incriminating evidence was spotted by netizens on the website of the Wenzhou Economic and Technological Development Zone’s Public Security Bureau (PSB), according to the China Media Project.
Ironically, the information on police expenditures in the region was apparently only posted in a bid to improve transparency. It was taken down a few hours later but not before being widely circulated on social media and picked up by respected business site Caijing.
China Digital Times claimed the authorities issued the following censorship order, effectively removing all mention of the notice from the Chinese internet:
“All websites nationwide must not repost the article ‘Wenzhou Economic and Technological Development Zone Public Security Bureau Spends 100,000 on Cellphone Trojan Horse.’ If already reposted, immediately delete.”
The mobile trojan, targeted at jailbroken Android and iOS devices, was purchased from state-run Wuhan Hongxin Telecommunication Technologies for the princely sum of RMB 100,000 ($16,000).
The police also bought a mechanism to deliver that malware onto targeted devices for RMB 49,000 ($7,887), according to the deleted post.
The story is an embarrassing one for China, given its repeated claims whenever challenged by the US and others that it does not condone any form of hacking or cyber-espionage and is a victim, not a perpetrator, of such attacks.
The accidentally leaked information from Wenzhou would seem to indicate that it is indeed spying on its own citizens – lending more credence to Washington’s assertions that PLA operatives are habitual offenders when it comes to high level cyber-espionage against foreign targets.
Charlie Smith, co-founder of anti-censorship body Greatfire.org, told Infosecurity that the Chinese state has a long track record of using technology against its citizens.
In fact, China’s certificate authority, CCNIC, has been accused by the group in the past of disseminating information-stealing malware and of complicity in the recent Man in the Middle (MITM) attacks on iCloud, Google, Outlook and Yahoo users in China.
This article has been extracted from http://www.infosecurity-magazine.com, please click on this link to read the article in full http://www.infosecurity-magazine.com/news/chinese-police-buy-mobile-trojan/
Montash is a multi-award winning global technology recruitment business. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy Technology, Demand IT and Business Engagement, Digital and E-commerce, Leadership Talent, Infrastructure and Service Delivery, Project and Programme Delivery.
Montash is headquartered in Old Street, London, in the heart of the technology hub. Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.