Massistant Chinese Mobile Forensic Tooling Gains Access to SMS Messages, Images, Audio and GPS Data

Emerging in mid-2023 as an apparent successor to Meiya Pico’s notorious MFSocket, the newly identified Android application Massistant has begun surfacing on confiscated handsets at Chinese border checkpoints and police stations. Unlike conventional spyware that relies on covert remote delivery, Massistant is installed physically when a device is in official custody, then pairs with a Meiya Pico “Mobile Master” workstation to conduct a high-speed forensic dump. Travellers report finding the unfamiliar icon only after their phones are returned, while forensic analysts have traced every variant to a signing certificate belonging to Xiamen Meiya Pico Information Co., Ltd., a firm now re-branded as SDIC Intelligence yet still controlling roughly 40% of China’s digital-forensics market.

Massistant then opens a local service on TCP/10102 and waits for the desktop client to forward Android Debug Bridge (ADB) commands across the USB link, harvesting data partitions within minutes. The native library libNativeUtil.so further exposes an ADB-over-Wi-Fi backdoor: once the forensic laptop authenticates over USB, it can switch to the device’s WLAN interface, copy auxiliary binaries and continue extraction untethered. During laboratory testing, Lookout researchers identified hard-coded shell commands (setprop service.adb.tcp.port 5555 followed by stop adbd && start adbd) that reopen ADB in TCP mode, a feature quietly advertised on Meiya Pico’s commercial site as a 2024 “Mobile Master Series” upgrade. The combination of USB installation, Accessibility bypass, and transient ADB-over-Wi-Fi sessions enables investigators to dump messages from Signal, Telegram and Letstalk, even when those apps encrypt local storage, before scrubbing the forensic implant.

For corporate security teams, the finding underscores the importance of “travel mode” policies that disable USB debugging, enforce strong device encryption, and perform post-trip integrity scans capable of detecting residual artifacts such as the stray mfsocket.xml or cached SQLite extracts that Massistant occasionally leaves behind.
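
As an added example (not code from Lookout, Meiya Pico or the original article), the following sketch shows what a post-trip integrity scan could check using only the indicators named above: the service.adb.tcp.port property, listeners on TCP/5555 and TCP/10102, and a stray mfsocket.xml. It assumes the analyst has already saved the device's getprop output, the contents of /proc/net/tcp and a file listing as text; the sample captures and file paths are constructed.

```python
import re

# Indicators below come only from the article text; all sample data is constructed.
ADB_TCP_PROP = "service.adb.tcp.port"
SUSPECT_PORTS = {5555: "ADB in TCP mode", 10102: "Massistant local service"}
ARTIFACT_NAMES = {"mfsocket.xml"}
LISTEN = "0A"  # TCP state code for LISTEN in /proc/net/tcp

def parse_getprop(text):
    """Parse `getprop` lines of the form `[key]: [value]` into a dict."""
    return dict(re.findall(r"^\[([^\]]+)\]: \[([^\]]*)\]", text, re.M))

def listening_ports(proc_net_tcp):
    """Return local ports in LISTEN state from /proc/net/tcp (or tcp6) text."""
    ports = set()
    for line in proc_net_tcp.splitlines():
        fields = line.split()
        if len(fields) > 3 and fields[3] == LISTEN:
            ports.add(int(fields[1].rsplit(":", 1)[1], 16))  # port is hex
    return ports

def scan(getprop_text, proc_net_tcp, file_listing):
    """Return human-readable findings for a returned device."""
    findings = []
    port = parse_getprop(getprop_text).get(ADB_TCP_PROP, "")
    if port.isdigit() and int(port) > 0:
        findings.append(f"{ADB_TCP_PROP}={port}")
    for p in sorted(listening_ports(proc_net_tcp) & set(SUSPECT_PORTS)):
        findings.append(f"listening on TCP/{p} ({SUSPECT_PORTS[p]})")
    for path in filter(None, map(str.strip, file_listing.splitlines())):
        if path.rsplit("/", 1)[-1].lower() in ARTIFACT_NAMES:
            findings.append(f"residual artifact: {path}")
    return findings

# Constructed sample captures (not from a real device).
SAMPLE_GETPROP = "[ro.build.type]: [user]\n[service.adb.tcp.port]: [5555]\n"
SAMPLE_PROC_NET_TCP = (
    "  sl  local_address rem_address   st tx_queue rx_queue\n"
    "   0: 00000000:15B3 00000000:0000 0A 00000000:00000000\n"   # 5555 LISTEN
    "   1: 0100007F:2776 00000000:0000 0A 00000000:00000000\n"   # 10102 LISTEN
    "   2: 0100007F:0035 00000000:0000 0A 00000000:00000000\n"   # 53 LISTEN
    "   3: 0A00000A:C350 0A00000B:01BB 01 00000000:00000000\n"   # established
)
SAMPLE_FILES = "/sdcard/DCIM/IMG_0001.jpg\n/sdcard/example_dir/mfsocket.xml\n"

if __name__ == "__main__":
    for finding in scan(SAMPLE_GETPROP, SAMPLE_PROC_NET_TCP, SAMPLE_FILES):
        print(finding)
```

Because the article describes the ADB-over-Wi-Fi sessions as transient and the implant as scrubbed after extraction, an empty result from these checks does not show that a device was never examined.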

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 17 Jul 2025 16:05:14 +0000

