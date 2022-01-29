File image of the clock indicating the countdown to the start of the Beijing 2022 Winter Olympics, in the Chinese capital. EFE/EPA/WU HONG



Shortly after the start of Winter Olympics in Beijing, Chinait has been revealed that the MY 2022 application that must be installed on a mandatory basis all attendees has vulnerabilities, but the worst thing is that it could collect private information ranging from Olympic coupons to calls and banking information.

In addition to the diplomatic incidents that have occurred and the increase in infections, he has now highlighted that the application that athletes must install could be used to spy on event participants.

The MY 2022 application which must be downloaded on iOS and Android devices, allegedly records the audio of the participants, analyzes it and sends it to Chinese servers, in addition to collecting other private information.

The alleged actions of the application would have been detected by the cybersecurity expert Johnathan Scott from your Twitter account. Tas an analysis of reverse engineering, detailed all the serious elements of My 2022.

(Photo: Screenshot)

According to their research, “all Olympic audio is collected, analyzed and stored on Chinese servers using technology from a US blacklisted AI firm.”

Added to this, in his analysis he points out that also collects information for third parties such as transaction history, balances, coupons, exchangeable game codes, bank card information and more.

And it is that it also takes as a reference a text that the cybersecurity company, Citizen Lab initially sent to the informative site dw, where they discovered that the app had insufficient encryption measures.

“Citizen Lab researcher Jeffrey Knockel says the vulnerability not only involves health data, but other important app services as well. This includes the service processes all attachments as well as the transfer of voice audios”, pointed out the medium.

(Photo: Screenshot)

They reported that the specialist maintains that they have discovered that in some services the data traffic is not encrypted at all, which makes the application extremely vulnerable to hacker attacks.

Technically, it refers to the fact that the application’s SSL certificates, which must guarantee that data traffic is only exchanged between devices and trusted servers, are not validated, resulting in this information is vulnerable to being intercepted by anyone.

“Our findings expose how My2022 security measures are totally insufficient to prevent sensitive data from being disclosed to unauthorized third parties,” Knockel said in the document cited by DW.

According to the release of the International Olympic Committee (IOC), athletes, reporters, sports officials and other participants in the Winter Olympics must install the application developed by China with the aim of track potential COVID-19 infections.

EFE/EPA/ROMAN PILIPEY/Archive



To use it you must enter passport, flight and sensitive information about possible symptoms of COVID-19 such as fever, fatigue, headache, dry cough, diarrhea, sore throat, among others. Foreigners must enter all these data from 14 days before arriving in China.

In this way, specialists point out that the application is not only being used to track infections but also to locate people, regulate access but it could also be used for espionage purposes.

Another feature of the application is that it could have a type of censorship, since they have found that it has a black list of words. ‘”illegalwords.txt’ is currently not being used, My2022 already contains code functions that are able to read this file and use it for censorship. Activating the list for censorship purposes would require little effort.”

KEEP READING:

Sailor Moon movie released in virtual reality that allows Pegasus to fly with Chibiusa

Face ID can now be used with everything and face masks in this update

Used sex robots are selling like hotcakes