Firm says phone apps spy on Hong Kong protesters

AP Photo/Wong Maye-EStudent pro-democracy activists use their smartphones while sitting on the streets near the government headquarters

AP Photo/Wong Maye-EStudent pro-democracy activists use their smartphones while sitting on the streets near the government headquarters

The Chinese government might be using smartphone apps to spy on pro-democracy protesters in Hong Kong, a U.S. security firm said.

The applications are disguised as tools created by activists, said the firm, Lacoon Mobile Security. It said that once downloaded, they give an outsider access to the phone's address book, call logs and other information.

The identities of victims and details of the servers used “lead us to believe that the Chinese government are behind the attack,” said a Lacoon statement.

China is, along with the United States and Russia, regarded as a leader in cyber warfare research. Security experts say China is a leading source of hacking attacks aimed at foreign governments and companies to computers in China.

The Chinese government has denied engaging in cyberspying and says China is among the biggest victims of hacking attacks.

Lacoon said it found two similar “malicious, fake” apps that appeared to be related. One targets phones that run Apple Inc.'s iOS operating system; the other is meant for phones using Google Inc.'s Android system.

The “very advanced software,” known as an mRAT, or multidimensional requirements analysis tool, “is undoubtedly being backed by a nation state,” the company said. Lacoon said it was calling the software Xsser.

“The Xsser mRAT represents a fundamental shift by nation-state cybercriminals from compromising traditional PC systems to targeting mobile devices,” the company said.

Such “cross-platform attacks” that target both Apple and Android phones are rare, which adds to signs a government is involved, Lacoon said. It said the app might be the first spyware for iOS created by a Chinese government entity.

In May, U.S. prosecutors charged five Chinese military officers with cyberspying and stealing trade secrets from major American companies. A security firm, Mandiant, said last year it traced attacks on American and other companies to a military unit in Shanghai.

businessDemonstrationsHong KongprotestsScience & Technology

Just Posted

On Sunday, California bore the brunt of what meteorologists referred to as a bomb cyclone and an atmospheric river, a convergence of storms that brought more than half a foot of rain to parts of the Bay Area, along with high winds, concerns about flash floods and the potential for heavy snow in the Sierra Nevada. Much of the Bay Area was under a flash flood watch on Sunday, with the National Weather Service warning of the potential for mudslides across the region. (NOAA via The New York Times)
Bomb cyclone, atmospheric river combine to pummel California with rain and wind

What you need to know about this historic weather event

National Weather Service flood watch in the San Francisco Bay Area for Sunday, Oct. 24, 2021. (National Weather Service via Bay City News)
Storm pounds Bay Area, leaving over 145,000 without power: Closures and updates

Torrential rainfall causes flooding, triggers evacuations in burn areas

Plan Bay Area 2050 is an expansive plan guiding the region’s growth and development over the next three decades. The regional plan addresses progressive policy priorities like a universal basic income and a region-wide rent cap, alongside massive new spending on affordable housing and transportation infrastructure. (Shutterstock)
Plan Bay Area 2050: Analyzing an extensive regional plan that covers the next 30 years

Here are the big ticket proposals in the $1.4 trillion proposal

A collaborative workspace for a decentralized autonomous organization (DAO) in Coordinape is pictured at a recent blockchain meet up at Atlas Cafe. <ins>(Kevin N. Hume/The Examiner)</ins>
Business without bosses: San Francisco innovators battle bureaucracy with blockchain

‘The next generation will work for three DAOs at the same time’

Most Read