Hong Kong protesters hit with malware

Cyber-sec firm identifies remote access Trojan on activists’ devices; suggests Chinese govt plot

Tags: Hong Kong
  • E-Mail
Hong Kong protesters hit with malware Tens of thousands of people pack the streets at the protest site on October 1, 2014 in Hong Kong. Xsser mRAT exposes ‘virtually all’ of a device’s information, according to Lacoon Mobile Security. (Getty Images)
By  Stephen McBride Published  October 2, 2014

Hong Kong's Occupy Central pro-democracy movement has been hit with a remote-access Trojan, the Register reported.

According to cyber-sec specialist Lacoon Mobile Security, Xsser mRAT spyware, running on iOS and Android, was installed on protesters' devices, disguised as an app to help organise protests.

Lacoon founder Ohad Bobrov said that the malware's compatibility with both iOS (this version only works on jail-broken iPhones) and Android, suggested a state-sponsored project.

"Cross-Platform attacks that target both iOS and Android devices are rare, and indicate that this may be conducted by a very large organisation or nation state," Bobrov wrote.

"The fact that this attack is being used against protesters and is being executed by Chinese-speaking attackers suggests its first iOS Trojan linked to Chinese Government cyber activity.

Xsser mRAT exposes "virtually all" of a device's information, including location and user information, and gives access to SMS and call logs.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code