Wednesday, 1 October 2014

Chinese iOS trojan attacks jailbroken devices


Mobile security firm Lacoon has discovered an
advanced iOS trojan in China that affects jailbroken
devices and is allegedly linked to similar Android
spyware already being broadly distributed in Hong
Kong through a link shared via cross-platform
messaging app WhatsApp.
The newly discovered trojan is called Xsser mRAT and
has the potential to infect jailbroken iPhone, iPad and
iPod touch devices. The report claims that cross-
platform attacks on both iOS and Android are rare, with
Lacoon suggesting that it could be a targeted attack on
Chinese protesters by the Chinese government.
The trojan is significant because it could also be used
as part of a large-scale attack by Chinese-speaking
entities to spy on individuals, companies and even
governments in foreign countries. Although, the fact
that it is limited to jailbroken devices on iOS lessens
the threat.
“When infected, Xsser mRAT exposes virtually any
information on iOS devices including SMS, email,
and instant messages, and can also reveal location
data, usernames and passwords, call logs and
contact information.”
It appears that targeted users would have to install a
malicious app through a non-default Cydia repository,
further mitigating the risk that jailbroken users will be
affected. Nevertheless, it is a good reminder to
always make sure you are using trusted repositories.
If you are running iOS 8 or have not jailbroken your
iPhone, iPad or iPod touch, this Chinese trojan should
not be a threat to you.

No comments:

Post a Comment