China Fires Mobile Trojans at HK Protestors as Crowds Surge

China appears to be rolling out the big guns in an attempt to censor content and snoop on pro-democracy activists in Hong Kong, after Yahoo appeared to suffer a Man in the Middle attack and researchers spotted new mobile trojans doing the rounds.

Israeli security firm Lacoon claimed to have discovered a rare cross-platform mobile Remote Access Trojan (RAT) attack “distributed broadly in Hong Kong.”

Last Thursday it discovered a piece of Android spyware disguised as an app to help co-ordinate the Occupy Central protests which have rocked Hong Kong over the past few days.

However, after investigating the threat the firm has now found an iOS trojan, dubbed Xsser, using the same C&C domain.

“Cross-platform attacks that target both iOS and Android devices are rare, and indicate that this may be conducted by a very large organization or nation state,” Lacoon wrote in a blog post.

“The fact that this attack is being used against protesters and is being executed by Chinese-speaking attackers suggests it’s the first iOS trojan linked to Chinese government cyber activity.”

Xsser has been designed to steal SMS, email and instant messages as well as reveal location data, usernames and passwords, call logs and contact information, the firm said.

Lacoon has no information on the vector of the iOS attack, although a device has to be jailbroken for it to work.

However, the Android app was distributed via WhatsApp with the unsolicited message: “Check out this Android app designed by Code4HK, group of activist coders, for the coordination of Occupy Central!”

In related news, anti-censorship body Greatfire.org claimed yesterday that the main Yahoo site in China has been hit with a Man in the Middle (MITM) attack.

The Chinese have previous when it comes to launching MITM attacks against popular foreign-run sites – having struck GitHub and Google in the past. It’s becoming an increasingly popular way for them not only to censor such sites but also to monitor usage.

The latest moves are indicative of the seriousness with which Beijing is treating the unprecedented pro-democracy protests in Hong Kong.

Seeing the center of one of the world’s great cities brought to a standstill on National Day – usually associated with plenty of Communist Party self-aggrandizement – will be a bitter and humiliating pill for the Beijing hierarchy to swallow, even if most of its citizens are forbidden from accessing such images.
