[TheRecord] Report: Going to the Beijing Olympics? Leave anything with an electron home

One of the official sponsors to the Beijing 2022 Olympic and Paralympic Winter games is a company called QI-ANXIN and, according to a new report, Olympic visitors who use the company’s VPN software while in Beijing could unwittingly be handing over their user data.

“We recommend that visitors and athletes traveling to the 2022 Winter Olympics in China are aware of the risk in taking and using personal devices during the event,” the threat intelligence company Internet 2.0 writes in a new report. “This is true for all digital communications in China, and not just while using VPN software.”

Analysts at Internet 2.0 found the QI-ANXIN harvests all available network information on Apple and Android phones gobbling up everything from SIM and MAC addresses to IMEI, IMSI, and telephone network information. What’s more, while analyzing QI-ANXIN’s VPN source code, the report said analysts found that in the Apple version of the software access to the camera and the photo library are standard permissions. In other words, athletes and visitors would have to opt out in order to prevent QI-ANXIN from helping itself to their family snapshots.

Armed with all that information, the report says, it would be easy for Chinese authorities to cross reference the data and identify users. What’s more, under China’s national security law, central authorities could get all that data simply by asking for it. Companies are obliged to give it to the government if it is requested. 

The report also took a look at Beijing Kingsoft Office Software, which is an anti-virus product. Kingsoft is also an official supplier to the Beijing 2022 Olympic and Paralympic Winter Games. The Internet 2.0 analysts found that the software’s installer runs a file that could access internet browser information running on a desktop.

“The file potentially copies all browser cookies as well as personal information and credentials,” the report said. The Android version of the software also has data collection and upload functions that could grab GPS location, MAC address, installed applications and screenshots, among other things. 

QI-ANXIN’s VPN source code

The report only reinforces the guidance that a roster of Olympic teams – including the U.S. – have given their athletes: leave your personal cellphones and laptops at home, and if you do bring electronics to the Games make sure they are of the burner variety. 

The Dutch Olympic Committee specifically told its athletes that it is “anticipating Chinese surveillance during the Games” and Canadian, British, and Australian teams have done the same.

The Beijing 2022 organizing committee said in a statement that “the Chinese government attaches great importance to the protection of personal information and personal information collected by Beijing 2022 will not be disclosed unless the disclosure is necessary.” 

A Team USA technology advisory suggests that their athletes either rent or use disposable laptops and phones while in China. They also suggest that they wipe all personal data from the devices before arrival and upon departure. The advisory also recommends using virtual private networks (VPNs) but it doesn’t make clear that China’s QI-ANXIN VPN might be problematic.

“Despite any and all safeguards that are put in place to protect the systems and data that are brought to China, it should be assumed that all data and communications in China can be monitored, compromised or blocked,” the bulletin says.

Athletes begin arriving in Beijing for the Games later this month. The opening ceremony is Feb. 4. The Chinese government, for its part, has promised Olympic athletes free access to social media platforms and other websites while in the Olympic Village.

The post Report: Going to the Beijing Olympics? Leave anything with an electron home appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[TheRecord] Volvo finally confirms “pontential” theft of R&D data

Swedish automaker Volvo confirmed today a security breach and the theft of research and development (R&D) data from one of its file storage repositories. The company’s admission comes after it initially played down the incident describing it in emails to The Record as a “potential cyberattack” and refused to comment despite its data having been leaked online […]

Read More

[SecurityWeek] Polkit Vulnerability Provides Root Privileges on Linux Systems

All posts, Security Week

Qualys security researchers warn of an easily exploitable privilege escalation vulnerability in polkit’s pkexec, a SUID-root program found in all Linux distributions. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[TheRecord] Malware found in coa and rc, two npm packages with 23M weekly downloads

The security team of the npm JavaScript package manager has warned users that two of its most popular packages had been hijacked by a threat actor who released new versions laced with what appeared to be password-stealing malware. Affected packages include coa and rc.Coa is a command-line argument parser with ~8.8 million weekly downloads.Rc is a configuration loader with ~14.2 million weekly […]

Read More