After the US government urged its athletes heading to Beijing for the upcoming Olympics to use disposable ‘burner’ phones and laptops to avoid Chinese Communist hacking, a security expert warns about China’s ‘MY 2022’ smartphone app that Beijing demands international and local attendees use to come to the Games.
According to the Epoch Times (ET), the app’s vulnerabilities were recently exposed by University of Toronto’s Citizen Lab, which described in its analysis that the app has a “devastating” security flaw.
The ‘MY 2022’ app’s developer, Beijing Financial Holdings Group Co., Ltd, shown on the Apple App Store download page, is closely tied to the Chinese Communist Party (CCP).
ET reports that this state provided app is a security nightmare, that will follow you worldwide long after the games are over: “If the end user does not disable the app, or uninstall the app, whoever developed this app will still be able to surveil and data mine that end user even beyond the Olympic Games.” ET adds:
…sensors and hardware that the app developer can take control of such as your camera [and] your microphone,” Lee said. “They’ll know when the end user is sitting, walking, riding a bike, riding in a car, or even sleeping.
“So if this information ends up in the wrong hands of bad actors, it can go everywhere from bank accounts being hacked, social security numbers being hacked, credit card numbers being hacked, all the way to the delivery of misinformation and disinformation.”
The app, which primarily serves as a tool to track users’ COVID-19 health status, also features an instant messaging function and provides information about the Games, as well as local food and beverage, accommodations, and transportation. The app is available in both iOS and Android versions.
Citizen Lab, which published its findings on the app on Jan. 18, said that user information, including passport details, travel history, and phone numbers, could be compromised, given that the app can be “deceived into connecting to a malicious host while believing it is a trusted host.”
The laboratory also found that the app contains a blacklist for keywords, including “Tiananmen massacre,” “Tibet Freedom,” and “Falun Gong,” as well as Chinese terms for The Epoch Times and its sister outlet NTD. The Chinese regime blocks The Epoch Times and its affiliated media due to their longstanding reporting on issues critical of the communist regime such as human rights violations. ADN