Submission + - Malware program targets Hong Kong protesters using Apple devices (pcworld.com)
mpicpp writes: A malware program that targets Hong Kong activists using Apple devices has trademarks of being developed by a nation-state, possibly China, according to a security company.
Lacoon Mobile Security of San Francisco wrote on its blog on Tuesday that the malware, called Xsser mRAT, is the “first and most advanced, fully operational Chinese iOS trojan found to date.”
The Apple malware is related to a malicious Android one found last month that advertised itself as a way for activists to coordinate protests, Lacoon wrote.
Hong Kong has seen massive demonstrations after China moved to only allow candidates it approves to run in the election of the territory’s chief executive in 2017. Activists charge China reneged on a promise of an election without restrictions.
It’s not usual to see malware emerge that has been customized to capitalize on current events, and security experts have long documented programs suspected to have been created to monitor dissidents and activists.
Xsser mRAT can steal SMS messages, call logs, location data, photos, address books, data from the Chinese messaging application Tencent and passwords from the iOS keychain, Lacoon wrote.
“Although it shows initial signs of being a targeted attack on Chinese protesters, the full extent of how Xsser mRAT is being used is anyone’s guess,” the company wrote. “It can cross borders easily, and is possibly being operated by a Chinese-speaking entity to spy on individuals, foreign companies or even entire governments.”
Lacoon Mobile Security of San Francisco wrote on its blog on Tuesday that the malware, called Xsser mRAT, is the “first and most advanced, fully operational Chinese iOS trojan found to date.”
The Apple malware is related to a malicious Android one found last month that advertised itself as a way for activists to coordinate protests, Lacoon wrote.
Hong Kong has seen massive demonstrations after China moved to only allow candidates it approves to run in the election of the territory’s chief executive in 2017. Activists charge China reneged on a promise of an election without restrictions.
It’s not usual to see malware emerge that has been customized to capitalize on current events, and security experts have long documented programs suspected to have been created to monitor dissidents and activists.
Xsser mRAT can steal SMS messages, call logs, location data, photos, address books, data from the Chinese messaging application Tencent and passwords from the iOS keychain, Lacoon wrote.
“Although it shows initial signs of being a targeted attack on Chinese protesters, the full extent of how Xsser mRAT is being used is anyone’s guess,” the company wrote. “It can cross borders easily, and is possibly being operated by a Chinese-speaking entity to spy on individuals, foreign companies or even entire governments.”