Advanced Chinese Trojan Attacking Jailbroken Devices Through WhatsApp
Jailbreaking your iOS device has never been a good idea. However, considering the immense amount of customization that it gives, jailbreaking has remained a favorite for many users. While there are always security concerns surrounding jailbroken devices, there has been a fairly recent issue of an advanced Chinese trojan attacking the iOS JB devices.
Jailbroken devices vulnerable to trojan attacks:
The discovery has been made by a mobile security firm Lacoon that confirms that an advanced trojan called Xsser mRAT in China affects jailbroken devices. This iOS trojan is similar to another that has been attacking Android devices and is being broadly distributed in Hong Kong. WhatsApp is the medium which is being used to spread this spyware. A link is shared through this cross-platform messaging app, which then infects the device, specifically jailbroken iPhone, iPad, and the iPod touch devices.
This particular attack carries a significant importance because it could be used as part of a larger attack in order to gather data, spy, or perform any such hideous online crimes. This type of attack is pretty rare on both the Android and iOS platforms, and further lessens the effect as the attack is targeted at the jailbroken devices.
Lacoon report claims that this type of targeted attack could potentially be a Chinese government attack on Chinese dissidents. If that proves to be true, we could experience massive international outcry from users and activists alike. States have historically devised ways to spy and silent the dissidents. With online communications getting stronger presence and posing as major help especially for protesters and activists, government officials worldwide are trying to strengthen their cyber surveillance technologies too.
The Xsser mRAT represents a fundamental shift by nation-state cybercriminals from compromising traditional PC systems to targeting mobile devices. The risks extend well beyond the personal user to any enterprise with employees using mobile devices — company-provided or employee-liable — for business purposes. When infected, Xsser mRAT exposes virtually any information on iOS devices including SMS, email, and instant messages, and can also reveal location data, usernames and passwords, call logs and contact information.
To avoid the risk of being attacked by this trojan, make sure that either you don’t jailbreak your device or if you do, then stick to trusted repositories. You can read more details and specifics about this particular iOS trojan attack through Lacoon.