Saturday Sitrep

The People’s Republic of China (PRC) is forcing foreign travelers entering the Xinjiang province to install software on their phones that aggressively invades their privacy. The software takes their texts, calendar, phone logs, and other sensitive information for the PRC government. The software lingers on the device, continually scanning for new data to steal. Additionally, it scans any device it’s on for certain words and files, in this case anything related to Islam and some Japanese bands. The malware is called BXAQ or Fengcai, and besides taking data it also pulls usernames and other info out of all installed apps on the traveler’s phone. Passing through the PRC border at Xinjiang gives the PRC everything they need to get into any account you might have linked to your phone or to later steal your identity. The Xinjiang region is already heavily surveilled by the PRC government in their ongoing actions against the Uighur population in the area. If you’re traveling to the PRC, we recommend that you buy a burner phone with as little information on it as possible.
Source: China Is Forcing Tourists to Install Text-Stealing Malware at its Border


The United Kingdom’s largest forensic firm paid a ransom after malware took over their systems. Eurofins was targeted on June 2nd, and after three weeks they reported that their systems were returning to normal. The BBC has reported that they paid the ransom, but did not disclose how much. The attack has cost Eurofins the lion’s share of their business, with all police work stopped for the time being. Eurofins handles ~50% of all forensic work done in the United Kingdom. This has rippled across the law enforcement sphere, as ongoing cases and prosecutions are not allowed to access the files that Eurofins holds. Those cases are forced to wait or start the forensic process over again. At the moment, investigators have not found any file transfer or theft. It is possible that this attack was purely for cash, but most malware attacks steal files for added value.
Source: Hacked forensic firm pays ransom after malware attack