Hong Kong protesters hit with malware
Cyber-sec firm identifies remote access Trojan on activists’ devices; suggests Chinese govt plot
Hong Kong's Occupy Central pro-democracy movement has been hit with a remote-access Trojan, the Register reported.
According to cyber-sec specialist Lacoon Mobile Security, Xsser mRAT spyware, running on iOS and Android, was installed on protesters' devices, disguised as an app to help organise protests.
Lacoon founder Ohad Bobrov said that the malware's compatibility with both iOS (this version only works on jail-broken iPhones) and Android, suggested a state-sponsored project.
"Cross-Platform attacks that target both iOS and Android devices are rare, and indicate that this may be conducted by a very large organisation or nation state," Bobrov wrote.
"The fact that this attack is being used against protesters and is being executed by Chinese-speaking attackers suggests its first iOS Trojan linked to Chinese Government cyber activity.
Xsser mRAT exposes "virtually all" of a device's information, including location and user information, and gives access to SMS and call logs.