My2022, the mandatory app for the upcoming Beijing Winter Olympics, was discovered to have a security flaw, cybersecurity experts said.
According to the analysts, attendees, athletes, and media will mandatorily use this application as part of China's COVID-19 monitoring requirement.
Chinese Olympics App is Flawed
According to a report by 9to5Mac, cybersecurity firm Citizen Lab recently discovered that the Olympics app could reportedly leak important details of a user. These include personal information such as email address, password, and medical data.
The team concluded that MY2022 failed to validate the SSL certificate. This could mean that a remote attacker could potentially spoof the app servers to transmit a malicious file to the host.
Despite many warnings about this app, China remained silent regarding its security concerns.
Ahead of the upcoming Beijing Olympics on Feb. 4, all audiences will be required to have their email accounts. They should also bring burner phones for privacy reasons, per Internet 2.0 on Tuesday, Jan. 19.
Because of this alarming concern, many countries suggested that their athletes should refrain from carrying their main devices in China.
Related Article : China Unveils e-CNY Digital Yuan App on its Pilot Version | Can it be Used For the Upcoming Beijing Winter Olympics?
Censored Keywords in MY2022
Another story from BBC pointed out Citizen Lab's report about the app's censorship concern. According to the cybersecurity company, MY2022 has a feature that lets people flag words that are "politically sensitive" in nature.
The censored keywords include the names of the Chinese government agencies and political figures. It was also mentioned that the 1989 Tiananmen Square protest and the Falun Gong group were on the list.
Commonly, this feature exists in almost all Chinese apps. However, the security analysts said that it still carries a huge risk to a user. In addition, the file containing "illegal words" in the app was now deemed to be inactive, but the experts did not know the reason why it went dormant.
14 days before the Beijing Winter Olympics kicks off, all foreign and local visitors will be required to download the MY2022 app. This will be used to keep track of their COVID status.
Global Times dismissed the news about the app's data concerns. It said that it would guarantee that "all personal information will be encrypted."
Why Burner Phones Pose Risk to Users
Earlier, Internet 2.0 mentioned that users were mandated to use burner phones only during the Olympics. However, it added that security risks could appear upon using them.
According to the report, one of the alarming parts of using Chinese apps is the possibility of having your data leaked.
For instance, Qi-Anxin VPN was reportedly collecting users' information without their permission. These details can be easily accessed by the authorities upon request.
If you want to check more stories about cybersecurity, don't forget to read our November report about the most influential ransomware attacks in 2021.
In the field of business, Microsoft completed the acquisition of Activision Blizzard in a $68.7 billion deal.
This article is owned by Tech Times
Written by Joseph Henry