The Chinese government is reportedly forcing foreigners to download malware onto their phones when crossing into the country. The malware downloads people's text messages, phone logs and calendar entries, and scans the device for around 73,000 other files, according to a joint investigation by The New York Times, the Guardian, Motherboard, Süddeutsche Zeitung and German broadcaster NDR.
According to the joint report on Tuesday, tourists crossing the Chinese border into the Xinjiang region have had their phones seized by border guards, who then install Android malware called BXAQ or Fengcai. It searches for any Islamic content, the publications said, citing several expert analyses of the software.
The malware also searched for parts of the Quran, Dalai Lama PDF files and music from a Japanese metal band, Unholy Grave, the reports said.
A tourist who had the malware installed on their phone reportedly provided it to both Süddeutsche Zeitung and Motherboard, with a reporter at Süddeutsche Zeitung then crossing the border and experiencing the malware installation themselves. That reporter also said they saw machines being used to search iPhones at the border.
"We already know that Xinjiang residents, particularly Turkic Muslims, are subjected to round-the-clock and multidimensional surveillance," Motherboard quoted Maya Wang, China senior researcher at Human Rights Watch, as saying. "[This malware] suggests that even foreigners are subjected to such mass, and unlawful surveillance."
Human Rights Watch didn't immediately respond to a request for comment.