Massistant: China’s New Mobile Forensics Tool Harvests Data from Seized Devices
The Chinese firm SDIC Intelligence Xiamen Information Co., Ltd. (formerly Meiya Pico), renowned for its work in digital forensics and information security technologies, has developed a mobile tool named Massistant for data extraction from confiscated devices. According to a report by Lookout, this software is actively employed by Chinese law enforcement and functions in tandem with a desktop application.
Massistant, considered the successor to MFSocket, enables access to a range of sensitive information, including GPS data, SMS messages, images, audio files, contact lists, and telephony services. The tool requires physical access to the device and is believed to be deployed at border checkpoints where phones are seized from individuals. Once installed, the application requests permissions to access confidential data, after which no further user interaction is required. If an attempt is made to close the app, a message appears indicating it is operating in “get data” mode—available only in Chinese and English.
Lookout reports that it obtained samples of Massistant between mid-2019 and early 2023. All samples were signed with an Android certificate referencing Meiya Pico.
The software automatically deletes itself once the USB connection is severed and builds upon MFSocket’s capabilities, including support for Android Debug Bridge (ADB) over Wi-Fi and the ability to upload additional files.
Among the newer functionalities of Massistant is its ability to extract data from third-party messaging apps. In addition to Telegram, the application can access content from Signal and Letstalk—a Taiwanese chat platform with over 100,000 installations on Android.
Photographs published on Meiya Pico’s official website showcase an iPhone connected to forensic hardware, suggesting that a parallel solution may exist for Apple devices. This inference is supported by patents filed by the company, including one for identifying users via voiceprint analysis.
Lookout highlights that Meiya Pico maintains close collaboration with both domestic and international law enforcement agencies, providing not only software and hardware solutions but also training programs. Back in 2017, The Wall Street Journal reported that police in Ürümqi utilized Meiya Pico’s equipment to scan smartphones for extremist content.
In 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on Meiya Pico for its involvement in biometric surveillance and monitoring of ethnic and religious minorities, including the predominantly Muslim population of the Xinjiang Uyghur Autonomous Region. This activity had also been previously documented by the South China Morning Post.
Lookout cautions that travel to mainland China may entail the risk of device seizure and analysis under lawful interception programs—particularly for tourists, business travelers, and individuals of strategic interest.
This publication follows a previous report by Lookout, released just months earlier, which exposed another spyware tool—EagleMsgSpy—believed to be employed by Chinese law enforcement for lawful data interception from mobile devices.
