New Mobile Phone Forensics Tool

The Chinese have a new tool called Massistant.

  • Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico.
  • The forensics tool works in tandem with a corresponding desktop software.
  • Massistant gains access to device GPS location data, SMS messages, images, audio, contacts and phone services.
  • Meiya Pico maintains partnerships with domestic and international law enforcement partners, both as a surveillance hardware and software provider, as well as through training programs for law enforcement personnel.

From a news article:

The good news, per Balaam, is that Massistant leaves evidence of its compromise on the seized device, meaning users can potentially identify and delete the malware, either because the hacking tool appears as an app, or can be found and deleted using more sophisticated tools such as the Android Debug Bridge, a command line tool that lets a user connect to a device through their computer.

The bad news is that at the time of installing Massistant, the damage is done, and authorities already have the person’s data.

Slashdot thread.
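The quoted article says the tool can be found with the Android Debug Bridge. The following is an added example, not code from the original post or from the researchers it cites. It parses the output of two standard `adb shell` commands to flag apps that were not installed by a trusted store and that hold permissions covering the data types listed above. The post does not give the tool's package name, so the permission mapping, the trusted-installer list, the `min_hits` threshold and all package names in the sample data are assumptions made for illustration.

```python
import re
import subprocess

# Assumption: Android permissions matching the data types the post lists.
SENSITIVE = {"android.permission." + p for p in (
    "ACCESS_FINE_LOCATION", "READ_SMS", "READ_EXTERNAL_STORAGE", "READ_MEDIA_IMAGES",
    "READ_MEDIA_AUDIO", "READ_CONTACTS", "READ_PHONE_STATE")}
# Assumption: installers treated as expected; add an OEM or MDM store if you use one.
TRUSTED_INSTALLERS = {"com.android.vending"}

# Constructed sample output (hypothetical package names) for an offline run.
SAMPLE_PM = """package:com.example.chat  installer=com.android.vending
package:com.example.placeholder.tool  installer=null
package:org.example.notes  installer=org.fdroid.fdroid"""
SAMPLE_DUMPSYS = """    runtime permissions:
      android.permission.READ_SMS: granted=true, flags=[ USER_SET ]
      android.permission.ACCESS_FINE_LOCATION: granted=true, flags=[ USER_SET ]
      android.permission.READ_CONTACTS: granted=false, flags=[ USER_SET ]
      android.permission.CAMERA: granted=true, flags=[ USER_SET ]"""

def sideloaded(pm_listing):
    """Parse `pm list packages -3 -i` output; return packages not installed by a trusted store."""
    found = []
    for line in pm_listing.splitlines():
        m = re.match(r"package:([\w.]+)\s+installer=(\S+)", line.strip())
        if m and m.group(2) not in TRUSTED_INSTALLERS:
            found.append(m.group(1))
    return found

def granted_sensitive(dumpsys_text):
    """Return the sensitive permissions that `dumpsys package <pkg>` shows as granted."""
    granted = re.findall(r"(android\.permission\.[A-Z_]+): granted=true", dumpsys_text)
    return sorted(SENSITIVE.intersection(granted))

def adb_shell(*args):
    return subprocess.run(["adb", "shell", *args], capture_output=True, text=True, check=True).stdout

def scan(min_hits=3):
    """Live check: sideloaded apps holding at least min_hits sensitive permissions."""
    report = {}
    for pkg in sideloaded(adb_shell("pm", "list", "packages", "-3", "-i")):
        hits = granted_sensitive(adb_shell("dumpsys", "package", pkg))
        if len(hits) >= min_hits:
            report[pkg] = hits
    return report

if __name__ == "__main__":
    print(sideloaded(SAMPLE_PM))             # offline run on the constructed samples
    print(granted_sensitive(SAMPLE_DUMPSYS))
```

With a device attached and USB debugging enabled, call `scan()` and review each flagged package before removing it with `adb uninstall <package>`.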

Posted on July 18, 2025 at 7:07 AM • 5 Comments

Comments

Celos July 18, 2025 7:33 AM

Well, the usual advice is “do not trust your phone”. Used to be mainly for criminals, but now definitely applies to everybody. Dark times.

Clive Robinson July 18, 2025 9:10 AM

@ Celos, ALL,

With regards,

‘Well, the usual advice is “do not trust your phone”’

Well it’s out of date by a long ways…

It should now be,

“Do not trust your devices or cards”

At the very least.

Even most modern microcontrollers contain the ability to communicate by EM Radiation…

So you just need a wire trace or coil on a PCB to act as an antenna.

Such devices can and do work from Long Wave Frequencies well below the “Medium Wave”(MW) band for “Near Field” communications. And likewise into the mid “High Frequencies”(HF) for “Radio Frequency ID”(RFID) devices similar to those used in passports. Then up through the Mobile Phone, WiFi and “Industrial Scientific and Medical”(ISM) bands into the low microwave bands.

Keeping track on what even your “portable radio” transmits as a Bluetooth signal supposedly just for speakers and ear buds can be more than a full time job.

Remember that all those “apps” can act as repeaters. Such that a Bluetooth channel can be received and then broadcast as a WiFi or Mobile signal is relatively trivial this century.

Worse is the idea of the “electronic rock” that the UK SiS developed to be used in Moscow. It acted as a repeater “but” it would “Store and Forward” sensitive data.

So you could eat a sandwich in the park mid day and upload data to the rock. But importantly have the rock save the data such that it would upload it to another device hours or days away.

Needless to say the Russian security forces realised what was going on thus could identify “Persons of Interest” for further attention up to and including FFF for “Find Fix and Finish” where the “Finish” could be up to and including “high velocity lead poisoning”…

But even modern “White Goods” in the Kitchen have such radio interfaces in them. And some TVs and other entertainment devices.

As was noted a week or three back, pretty much any recent “consumer device” in your home or coat pocket can do all of this for less than 1USD increase in retail price…

lurker July 18, 2025 1:52 PM

@K Campbell

The article appears to discuss only Android, but given the popularity of iPhone in China I would expect an iOS version is lurking in the wild waiting to be discovered.

not important July 19, 2025 6:42 PM

https://www.technologyreview.com/2025/06/23/1118401/privacy-book-reviews-surveillance-higher-education/

=While most of us are at least vaguely aware that our phones and apps are a vector for data collection and tracking, both the way in which this is accomplished and the extent to which it happens often remain murky. Purposely so, argues Tau. In fact, one of the great myths Means of Control takes aim at is the very idea that what we do with our devices can ever truly be anonymized. Each of us has habits and routines that are completely unique, he says, and if an advertiser knows you only as an alphanumeric string provided by your phone as you move about the world, and not by your real name, that still offers you virtually no real privacy protection. (You’ll perhaps not be surprised to learn that such “anonymized ad IDs” are relatively easy to crack.)=


Sidebar photo of Bruce Schneier by Joe MacInnis.