Chinese Police Using New Malware to Pull Data from Seized Phones, Researchers Say

Image: The Massistant mobile forensic tool's hardware. Source: Xiamen Meiya Pico

Key Points

  • Chinese authorities are reportedly using a new malware called Massistant to extract all data from seized mobile phones.
  • The tool requires police to have physical access to an unlocked phone to install the software.
  • It can copy everything, including messages from encrypted apps like Signal, photos, and location data.
  • Researchers warn that both Chinese citizens and travelers to the country are at risk of having their devices searched.

Security researchers have uncovered a new type of malware called Massistant that Chinese authorities are reportedly using to extract data from seized phones. The tool can pull nearly everything off a device, including text messages from secure apps like Signal, photos, location history, and contacts.

A new report from cybersecurity firm Lookout identified the tool, which Chinese tech giant Xiamen Meiya Pico developed. According to researchers, Massistant is software used for “forensic extraction,” meaning police must have physical access to a phone that is unlocked. They then connect the device to a hardware tower and install the malware to copy the data. While Lookout only analyzed the Android version, the developer’s website suggests an iPhone version also exists.

Lookout researcher Kristina Balaam warned that anyone traveling to China should be aware of the risk. She noted that the tool appears to be widely used, based on complaints found on Chinese online forums from people who discovered the malware on their phones after interacting with police.

Because Chinese law allows authorities to search phones without a warrant, police don’t need to use sophisticated exploits; they can simply demand a person unlock their device. The researchers noted that Massistant does leave traces on a device, so a person can later find and delete the app. However, by the time the malware is discovered, the damage is done, and authorities have already copied the user’s personal information.
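Since the tool leaves traces on the handset, one practical check after a device has been out of its owner's custody is to compare the installed third-party packages against a baseline captured while the device was known-clean and inspect anything new. The script below is an added example, not code from Lookout or from the article; it assumes `adb` is on PATH, USB debugging is enabled on the handset, and the owner has a baseline file with one package name per line.

```shell
#!/bin/sh
# Post-custody package audit for an Android handset (added example, not from
# the Lookout report). Assumes: adb on PATH, USB debugging enabled, and a
# baseline file of third-party package names captured while the device was
# known-clean. Any package absent from the baseline is a candidate for review,
# including a forensic extraction app installed while the phone was seized.

# List third-party (non-system) packages, one bare package name per line.
list_third_party_packages() {
    adb shell pm list packages -3 | tr -d '\r' | sed 's/^package://' | sort -u
}

# Print package names present in $2 (current) but absent from $1 (baseline).
# Both files hold one package name per line, in any order.
new_packages() {
    base="${TMPDIR:-/tmp}/pkg-base.$$"
    cur="${TMPDIR:-/tmp}/pkg-cur.$$"
    sort -u "$1" > "$base"
    sort -u "$2" > "$cur"
    comm -13 "$base" "$cur"
    rm -f "$base" "$cur"
}

# Show when a package was first installed and which app installed it.
# An install time that matches the police stop, or a sideload installer
# (installerPackageName=null), is what to look for.
describe_package() {
    adb shell dumpsys package "$1" | tr -d '\r' \
        | grep -E 'firstInstallTime|installerPackageName|codePath' \
        | sed 's/^ */    /'
}

# usage: audit_device baseline.txt
audit_device() {
    current="${TMPDIR:-/tmp}/pkg-now.$$"
    list_third_party_packages > "$current"
    new_packages "$1" "$current" | while read -r pkg; do
        echo "NEW: $pkg"
        describe_package "$pkg"
    done
    rm -f "$current"
}

# Run only when invoked as: ./audit.sh --audit baseline.txt
if [ "${1:-}" = "--audit" ] && [ -n "${2:-}" ]; then
    audit_device "$2"
fi
```

Capture the baseline with `list_third_party_packages > baseline.txt` before travel; a package that appears only after an encounter with police is the trace the researchers describe, and the install metadata tells you when it arrived.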

The U.S. government sanctioned Xiamen Meiya Pico in 2021 for supplying its technology to the Chinese government.

EDITORIAL TEAM
Al Mahmud Al Mamun leads the TechGolly editorial team. He served as Editor-in-Chief of a world-leading professional research magazine. Rasel Hossain supports the team as Managing Editor. Our team incorporates technologists, researchers, and technology writers. We have substantial expertise in Information Technology (IT), Artificial Intelligence (AI), and Embedded Technology.