Researchers found a new spyware tool, “EagleMsgSpy.” Chinese law enforcement used it to collect sensitive data from Android devices. It was discovered by the U.S. cybersecurity company Keep in mind that this tool has been in use since at least 2017. It gathers info like call logs, contacts, GPS data, and app messages from Telegram and WhatsApp.
The spyware can also record device screens and capture audio while the phone is in use. Lookout calls EagleMsgSpy a “comprehensive mobile phone judicial monitoring product.” It lets authorities check suspects in real time, without their knowledge. China’s public security bureaus are connected to the tool. It suggests a wide-scale surveillance use.
Lookout’s probe suggests a Chinese firm, Wuhan Chinasoft Token, made the spyware. This company is believed to have close ties to China’s law enforcement. So, the tool is likely part of domestic surveillance efforts. But the tool may also pose risks to travelers in China. It may track people even outside the country.
EagleMsgSpy now needs physical access to a device. Lookout believes that it can modify itself in the future to work remotely. References to a possible iOS version of the spyware were discovered by the company. Researchers have yet to find it. This ongoing work suggests the tool may become a bigger threat.
