[Chapter-delegates] HK Protesters Targeted with Spyware

Thu Oct 2 18:34:44 PDT 2014

Great! Thank you

Carlos Vera Quintana
0988141143
Sígueme @cveraq

> El 2/10/2014, a las 19:41, Narelle Clark <narelle at isoc-au.org.au> escribió:
> 
> Anyone know how to test for it, and then how to clean it off?
> 
> 
> There is this article from Time:
> 
> Hong Kong Democracy Protesters Are Being Targeted by Malicious Spyware
> Charlie Campbell @charliecamp6ell
> Oct. 1, 2014
> 
> The culprit is "a very large organization or nation state," experts say
> 
> A computer virus that spies on Apple’s iPhone and iPad operating
> system is targeting pro-democracy protesters in Hong Kong, according
> to tech experts.
> 
> Known as Xsser, the malicious software is capable of harvesting data
> including text messages, photos, data logs and passwords from mobile
> devices, Lacoon Mobile Security said Tuesday.
> 
> The spyware is hosted on the same Command and Control domain as an
> existing fake program for the Android operating system that was
> disguised as a protest-organizing app and distributed around Hong Kong
> last week.
> 
> Etc at:
> 
> http://time.com/3451393/hong-kong-spyware-hacking-occupy-central-apple/
> 
> 
> Or the Sydney Morning Herald:
> 
> Sophisticated trojan virus targets HK protesters' iPhones
> 
> Date October 1, 2014
> 
> Cybersecurity researchers have uncovered a computer virus that spies
> on Apple's iOS operating system for the iPhone and iPad, and they
> believe it is targeting pro-democracy protesters in Hong Kong.
> 
> The malicious software, known as Xsser, is capable of stealing text
> messages, photos, call logs, passwords and other data from Apple
> mobile devices, researchers with Lacoon Mobile Security has said.
> 
> They uncovered the spyware while investigating similar malware for
> Google's Android operating system last week that also targeted Hong
> Kong protesters. Anonymous attackers spread the Android spyware via
> WhatsApp, sending malicious links to download the program, according
> to Lacoon.
> 
> It is unclear how iOS devices get infected with Xsser, which is not
> disguised as an app, but researchers have pointed out that the malware
> only works on jailbroken devices.
> 
> Lacoon Chief Executive Michael Shaulov told Reuters that Xsser is the
> most sophisticated malware used to date in any known cyberattack on
> iOS users.
> 
> "This is one the most interesting developments we have seen," he said.
> "It's the first real indication that really sophisticated guys are
> shifting from infecting PCs or laptops to going after iOS devices."
> 
> The code used to control a server discovered by the researchers is
> written in Chinese. The high quality of the campaign and the fact it
> is being used to target protesters suggests that it is coming from a
> sophisticated attacker in China, Shaulov said.
> 
> "It is the first time in history that you actually see an
> operationalised iOS Trojan that is attributed to some kind of Chinese
> entity," he said.
> 
> A Trojan is a term used by cyber researchers to describe malware that
> enters a device disguised as something harmless.
> 
> Still, he said that his company's research team has yet to identify
> any specific victims of the iOS Trojan.
> 
> Lacoon said on its blog that it is possible the attackers might have
> deployed the Trojan in other places, in addition to spying on
> pro-democracy protesters in Hong Kong.
> 
> "It can cross borders easily, and is possibly being operated by a
> Chinese-speaking entity to spy on individuals, foreign companies, or
> even entire governments," they said in a blog post describing their
> analysis.
> 
> 
> http://www.smh.com.au/it-pro/security-it/sophisticated-trojan-virus-targets-hk-protesters-iphones-20140930-10ofb5.html
> 
> 
> All the best, and especially to Chester, Ping and the others.
> 
> 
> Narelle
> 
> 
> 
>> On Fri, Oct 3, 2014 at 1:24 AM, info at isoc.org.ec <info at isoc.org.ec> wrote:
>> Is there a URL to look for this info?
>> 
>> Carlos Vera
>> Internet Society Ecuador
>> www.isoc.org.ec
>> Síguenos @isocec
>> 
>>> El 2/10/2014, a las 5:52, Kathy Brown <brown at isoc.org> escribió:
>>> 
>>> Chester, thank you for this communication. You, all of our Chapter members and, especially the young people of Hong Kong have been close to our thoughts and worries. Please let us know how we can be of help. Your ISOC family is nearby. Kathy
>>> 
>>>> On Oct 2, 2014, at 2:58 AM, "chester at soong.net" <chester at soong.net> wrote:
>>>> 
>>>> Dear All,
>>>> 
>>>> I joined the protest for 3 days and some of my friends in the IT profession were there on the most violent day and being pepper-sprayed, hit, and tear-gased!
>>>> 
>>>> We did worry about that but the Chief Executive of HK can, under his authority, to shut down and intercept all telecommunications on an executive order. So most of us have turned to Firechat now, and we almost held a talk with Micha Benoliel as he happened to be in HK. Now, it is not about getting your phone hacked or communications sniffed anymore. It has gone back to traditional government suppressing of protests with people infiltrating into the largely peaceful protests and stir up unrests! Honestly, I worry about how this will end. This has gone beyond the Internet, but it has helped us so far in spreading the truth and unveiling the issues.
>>>> 
>>>> Regards,
>>>> 
>>>> 
>>>> Chester
>>>> 
>>>> On Wed, 1 Oct 2014 20:17:16 -0400
>>>> Glenn McKnight <mcknight.glenn at gmail.com> wrote:
>>>>> Protesters in Hong Kong calling for democracy reforms are being targeted by
>>>>> spyware that can affect both iPhones and smartphones running Google’s
> 
> 
> 
> 
> -- 
> 
> 
> 
> Narelle Clark
> Immediate Past President and Board Member
> Internet Society of Australia
> 
> narelle at isoc-au.org.au
> www.isoc-au.org.au
> The Internet is for Everyone!