Advanced Chinese Trojan Attacking Jailbroken Devices Through WhatsApp

Rafia Shaikh
Posted Oct 1, 2014

Jailbroken devices vulnerable to trojan attacks:

Mobile security firm Lacoon has confirmed that an advanced trojan in China called Xsser mRAT affects jailbroken devices. This iOS trojan is similar to another that has been attacking Android devices and is being broadly distributed in Hong Kong. WhatsApp is the medium being used to spread this spyware: a link is shared through this cross-platform messaging app, which then infects the device, specifically jailbroken iPhone, iPad, and iPod touch devices.

This particular attack is significant because it could be used as part of a larger attack to gather data, spy, or carry out other such hideous online crimes. This type of attack is pretty rare on both the Android and iOS platforms, and its effect is further lessened because it targets only jailbroken devices.

The Lacoon report claims that this type of targeted attack could potentially be a Chinese government attack on Chinese dissidents. If that proves to be true, we could see a massive international outcry from users and activists alike. States have historically devised ways to spy on and silence dissidents. With online communications gaining a stronger presence and becoming a major help, especially for protesters and activists, government officials worldwide are trying to strengthen their cyber surveillance technologies too.

The Xsser mRAT represents a fundamental shift by nation-state cybercriminals from compromising traditional PC systems to targeting mobile devices. The risks extend well beyond the personal user to any enterprise with employees using mobile devices — company-provided or employee-liable — for business purposes. When infected, Xsser mRAT exposes virtually any information on iOS devices including SMS, email, and instant messages, and can also reveal location data, usernames and passwords, call logs and contact information.

To avoid the risk of being attacked by this trojan, either don’t jailbreak your device or, if you do, stick to trusted repositories. You can read more details and specifics about this particular iOS trojan attack through Lacoon.
