Notice regarding the use of the WeChat mobile app

2023-11-30

Dear Users,

on 30th November 2023 a notice was issued from the National Cyber and Information Security Agency (NÚKIB) regarding the use of the WeChat mobile app and its Chinese version of Tencent’s Wixin.

From a cybersecurity point of view, WeChat, like TikTok, collects excessive amounts of user data to help attackers target an attack on a user or blackmail them.

Protect your privacy and our University from a cyber attack.

In particular, the app collects information from your mobile phones

• when mapping devices, the app collects information about other running and installed applications
• private communication content
• regularly checks the device’s location
• has access to contacts on the device
• collects device information including Wi-Fi SSID, previous Wi-Fi configuration, device serial number and SIM card, device ID, device IMEI, MAC address, phone number, list of all user accounts used on the device and complete access to the clipboard
• maintains persistent access to the calendar allowing it to be read and changed, or
• enforces the use of a native browser that allows you to track almost all user activity (e.g. keystrokes on the screen)

Based on the Warning issued, we take precautions:

If you have a WeChat application on a business device (mobile phone, laptop, tablet) or on a private device that you are connecting to our network (laptop with VPN, etc.), you need to uninstall the WeChat application from these devices and do not use its web version.

More information directly on the NÚKIB website

Thank you for your cooperation,

Cyber Security Manager of Charles University