Home / / Hong Kong protesters hit with malware

Hong Kong protesters hit with malware

Cyber-sec firm identifies remote access Trojan on activists’ devices; suggests Chinese govt plot

Tens of thousands of people pack the streets at the protest site on October 1, 2014 in Hong Kong. Xsser mRAT exposes ‘virtually all’ of a device’s information, according to Lacoon Mobile Security.
Tens of thousands of people pack the streets at the protest site on October 1, 2014 in Hong Kong. Xsser mRAT exposes ‘virtually all’ of a device’s information, according to Lacoon Mobile Security.

Hong Kong's Occupy Central pro-democracy movement has been hit with a remote-access Trojan, the Register reported.

According to cyber-sec specialist Lacoon Mobile Security, Xsser mRAT spyware, running on iOS and Android, was installed on protesters' devices, disguised as an app to help organise protests.

Lacoon founder Ohad Bobrov said that the malware's compatibility with both iOS (this version only works on jail-broken iPhones) and Android, suggested a state-sponsored project.

"Cross-Platform attacks that target both iOS and Android devices are rare, and indicate that this may be conducted by a very large organisation or nation state," Bobrov wrote.

"The fact that this attack is being used against protesters and is being executed by Chinese-speaking attackers suggests its first iOS Trojan linked to Chinese Government cyber activity.

Xsser mRAT exposes "virtually all" of a device's information, including location and user information, and gives access to SMS and call logs.

CHANNEL AWARD 2018