Chinese security forces have been found using a new spyware called “Massistant” to extract data from physically seized smartphones. A report by mobile cybersecurity firm Lookout reveals that the software was developed by the Chinese technology company Xiamen Meiya Pico.
China in the news with its new spyware
Massistant operates on Android devices after physical access is gained. Installed while the phone is unlocked, the software is activated via specialized hardware connected to a desktop computer.
This tool allows the copying of virtually all private data on phones, including text messages, conversations in encrypted messaging apps like Signal, photos, location histories, voice recordings, and contact lists.

Massistant is reportedly developed for digital forensics. However, in field applications, the software is primarily used for comprehensive surveillance and tracking. Since 2024, security forces in China have been able to search individuals’ phones without a court order or suspicion of a crime. Therefore, when citizens are asked to surrender their phones at checkpoints, this request cannot be objected to.
Lookout researcher Kristina Balaam specifically warns users traveling to China. According to the statement, devices entering the country may be physically examined, and all their data may be copied, posing a significant privacy risk.
Once installed, Massistant leaves traces on the device. These traces can be detected and deleted by advanced users using tools like Android Debug Bridge. However, the data is already collected the moment the software is installed, meaning deletion cannot prevent data leaks.
Images on Xiamen Meiya Pico’s official website show iPhones connected to the system. This suggests the company is likely working on an iOS-compatible version. However, there is currently no direct evidence of a clear Massistant version targeting Apple devices.
The report also highlights the existence of a widespread digital surveillance infrastructure in China based on the use of malware, not limited to Massistant. It is reported that at least 15 different malware families are actively used, and that these programs are being implemented as an integrated system by security units and judicial institutions.
These developments reveal the extent to which digital surveillance activities have become institutionalized in China and the extent to which the boundaries of citizens’ and visitors’ digital privacy have been pushed.