Sophisticated iOS malware targets Hong Kong protesters (for now)

Accepted submission by c0lo at 2014-10-01 14:08:05
Security
Reuters reports [reuters.com] on an advanced iOS virus targeting Hong Kong protesters:

Cybersecurity researchers have uncovered a computer virus that spies on Apple Inc's iOS operating system for the iPhone and iPad, and they believe it is targeting pro-democracy protesters in Hong Kong.
The malicious software, known as Xsser, is capable of stealing text messages, photos, call logs, passwords and other data from Apple mobile devices, researchers with Lacoon Mobile Security said on Tuesday.

The original post on Lacoon's Web site [lacoon.com] (which Reuters used) notes:

A link to the Android spyware, disguised as an app to help coordinate Occupy Central protests in Hong Kong, was sent as an anonymous message to Whatsapp users there on Thursday. In its investigation of that spyware, Lacoon uncovered the Xsser mRAT hosted on the same Command and Control (CnC) domain with the project being named Xsser. Though called Xsser, this is not related to an XSS attack.

The Xsser mRAT is itself significant because while there have been other iOS trojans found previously, this is the first and most advanced, fully operational Chinese iOS trojan found to date. Although it shows initial signs of being a targeted attack on Chinese protesters, the full extent of how Xsser mRAT is being used is anyone’s guess. It can cross borders easily, and is possibly being operated by a Chinese-speaking entity to spy on individuals, foreign companies, or even entire governments.

[...]When infected, Xsser mRAT exposes virtually any information on iOS devices including SMS, email, and instant messages, and can also reveal location data, usernames and passwords, call logs and contact information.

In the meantime, Bloomberg says [bloomberg.com] that U.S. law enforcement seeks to halt Apple/Google encryption of mobile data, but is not sure how to proceed: appeal to executives or seek congressional legislation.
Looks like the US and Chinese agencies aren't that dissimilar: both sides want the citizens with their pants down and the lubrication applied at their own expense (paid by taxes).

