WeChat Found Scanning User Photos in the Background as a Routine

Last updated October 9, 2021
Written by:
Lore Apostol
Lore Apostol
Infosec Writer & Editor

A discovery was published recently, revealing how WeChat periodically scans user photo albums, which means Tencent's app is accessing private data without requesting permission. The proof was posted on Weibo by a tech influencer named Hackl0us, and it consisted of screenshots from Apple's new "Record App Activity" feature in iOS 15.

The user goes on to tell how a friend turned on the new iOS 15 feature to monitor all apps for seven days, and that is how they discovered that WeChat, QQ, Taobao, and other Chinese apps constantly scan user photo albums in the background, even without the app being in use in the moment of the scan.

This looks like over-requesting, considering some of the apps mentioned above are reading even while the user is sleeping. Besides, this needless activity occupies RAM and consumes the phone's battery.

They also offer a few steps to solve this privacy issue, at least partially, from the WeChat Settings page:

They go on and recommend offering minimal permissions for other domestic apps as well, by cutting off things that specific apps don't use, like location tracking or the background automatic refresh function. In the end, they challenged the Tencent WeChat team to explain themselves.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: