Firm says phone apps spy on Hong Kong protesters

AP Photo/Wong Maye-EStudent pro-democracy activists use their smartphones while sitting on the streets near the government headquarters

AP Photo/Wong Maye-EStudent pro-democracy activists use their smartphones while sitting on the streets near the government headquarters

The Chinese government might be using smartphone apps to spy on pro-democracy protesters in Hong Kong, a U.S. security firm said.

The applications are disguised as tools created by activists, said the firm, Lacoon Mobile Security. It said that once downloaded, they give an outsider access to the phone's address book, call logs and other information.

The identities of victims and details of the servers used “lead us to believe that the Chinese government are behind the attack,” said a Lacoon statement.

China is, along with the United States and Russia, regarded as a leader in cyber warfare research. Security experts say China is a leading source of hacking attacks aimed at foreign governments and companies to computers in China.

The Chinese government has denied engaging in cyberspying and says China is among the biggest victims of hacking attacks.

Lacoon said it found two similar “malicious, fake” apps that appeared to be related. One targets phones that run Apple Inc.'s iOS operating system; the other is meant for phones using Google Inc.'s Android system.

The “very advanced software,” known as an mRAT, or multidimensional requirements analysis tool, “is undoubtedly being backed by a nation state,” the company said. Lacoon said it was calling the software Xsser.

“The Xsser mRAT represents a fundamental shift by nation-state cybercriminals from compromising traditional PC systems to targeting mobile devices,” the company said.

Such “cross-platform attacks” that target both Apple and Android phones are rare, which adds to signs a government is involved, Lacoon said. It said the app might be the first spyware for iOS created by a Chinese government entity.

In May, U.S. prosecutors charged five Chinese military officers with cyberspying and stealing trade secrets from major American companies. A security firm, Mandiant, said last year it traced attacks on American and other companies to a military unit in Shanghai.

businessDemonstrationsHong KongprotestsScience & Technology

If you find our journalism valuable and relevant, please consider joining our Examiner membership program.
Find out more at www.sfexaminer.com/join/

Just Posted

A “for rent” sign outside an apartment complex in the Mission District on Monday, Nov. 30, 2020. (Kevin N. Hume/S.F. Examiner)
Housing inventory wins unanimous approval from supervisors

Legislation will require landlords to register properties, report vacancies and rents

Dr. Grant Colfax and Mayor London Breed said new restrictions could come this week due to rising COVID-19 cases. (Examiner screenshot)
Breed: ‘More restrictive action’ needed to slow spread of COVID-19

San Francisco officials said Tuesday tougher restrictions will soon be imposed to… Continue reading

Harlan Kelly, head of the SFPUC and husband to City Administrator Naomi Kelly (right), faces federal charges for allegedly trading inside information on a city contract in return for a paid family vacation. (Courtesy photo)
Harlan Kelly, head of SFPUC, charged with fraud in widening Nuru scandal

Kelly accused of engaging in corrupt partnership with permit expediter

Jeff Tumlin, director of transportation for the San Francisco Municipal Transportation Agency, said the agency’s fiscal situation is “far worse” than the worse case scenarios projected back in April. (Kevin N. Hume/S.F. Examiner)
SFMTA prepares for massive potential layoffs as budget crisis continues to build

More than 1,200 full-time jobs on the line as agency struggles to close deficit

California Gov. Gavin Newsom is weighing further restrictions as COVID-19 cases rise. (Genaro Molina/Pool/Los Angeles Times/TNS)
Newsom considering new shelter-in-place order as COVID-19 cases rise

Gov. Gavin Newsom on Monday warned that he may need to reinstate… Continue reading

Most Read