- EagleMsgSpy is a lawful intercept surveillance tool developed by a Chinese software development company with use by public security bureaus in mainland China.
- Early samples indicate the surveillance tool has been operational since at least 2017, with development continued into late 2024.
- The surveillanceware consists of two parts: an installer APK, and a surveillance client that runs headlessly on the device when installed.
- EagleMsgSpy collects extensive data from the user: third-party chat messages, screen recording and screenshot capture, audio recordings, call logs, device contacts, SMS messages, location data, network activity.
- Infrastructure overlap and artifacts from open command and control directories allow us to attribute the surveillanceware to Wuhan Chinasoft Token Information Technology Co., Ltd. (武汉中软通证信息技术有限公司) with high confidence.
Lookout Discovers New Chinese Surveillance Tool Used by Public Security
Submitted 1 week ago by Joker@sh.itjust.works to cybersecurity@infosec.pub
https://www.lookout.com/threat-intelligence/article/eaglemsgspy-chinese-android-surveillanceware
SpaghettiYeti@lemmy.world 1 week ago
Device must be unlocked to install, typically installed by authorities
Its not on the play store
Minimal risk to all