<Thread> China spies on fellow citizens with the help of private enterprise. Here is an example. 1/18
The IP address 47.93.5.238 corresponds to http://bxaq.landaitap.com. Whois information shows that this domain has been registered with a landasoft address. 10/18 pic.twitter.com/1hh5t2Nezo
According to @Bloomberg, Shanghai Landasoft Data Technology Inc. designs and develops prepackaged software solutions for data management and analysis; human management; and criminal suspects trajectory and intelligence analysis. 11/18 https://www.bloomberg.com/research/stocks/private/snapshot.asp?privcapId=417407133 …
Moreover, did you notice the itap in the URL? iTAP is a "product" of Landasoft. Here is the video presentation available on their website. Take the time to watch the full video and then think about the implications. 12/18 pic.twitter.com/b9U91rAgm1
If you want to know more about iTAP and how it's used, you can check the case center. 13/18 http://www.landasoft.com/html/class/dsjfx/itapalzx/index.html …
By analyzing the APKs found previously, we can find the iTAP backend which is accessible only on mobile. 14/18 pic.twitter.com/7eCJVevT7n
Take the time to zoom in on the banners, to observe the number of logos. It's frightening... 15/18 pic.twitter.com/BLp2xBD7WA
From this site you can download 2 files called ITAP_x32 and ITAP_x64. These archives contain an exe file detected as Trojan.Win32.KillProc.eljgui by NANO-Antivirus. 16/18 https://www.virustotal.com/#/file/e9ab71b4a57a3f9011cbc5aaba846ab5361f09208810ead1360861c69e5071bb/detection …
This exe file will install a modified version of Chrome. If you are a reverse engineer specialized in this field, can you analyze this file? Your help will be super appreciated. 17/18 pic.twitter.com/HkTT0XyboC
@OpenTechFund Red Team Lab has conducted a security audit of the app. Check it out: https://www.opentech.fund/news/app-targeting-uyghur-population-censors-content-lacks-basic-security/ …
Here's the version where you access the PDF and XLS files of the audit: https://old.opentech.fund/article/jian-kong-ying-yong-jing-wang-wei-shi-hao-wu-quan-ke-yan …