The first iOS 8 trojan may have been discovered in a HK protester's iPhone?

wkleem
wkleem
Community Member

" They uncovered the spyware while investigating similar malware for Google Inc's Android operating system last week that also targeted Hong Kong protesters. Anonymous attackers spread the Android spyware via WhatsApp, sending malicious links to download the program, according to Lacoon."

It is unclear how iOS devices get infected with Xsser, which is not disguised as an app.

https://sg.news.yahoo.com/advanced-ios-virus-targeting-hong-kong-protesters-security-210741365.html

Would the Defender of the Dark Arts @jpgoldberg like to comment on this

Comments

  • jpgoldberg
    jpgoldberg
    1Password Alumni

    Thanks for bringing this up, @wkleem.

    Xssser mRAT can only run on jailbroken iPhones. It is important to emphasize that when you jailbreak your phone, you are disabling a large swath of security mechanisms.

    On the whole, I agree with Graham Cluley's advice on the Intego Security Blog a couple of months ago. Don’t Jailbreak Your iPhone if You Want to Stop Government Spyware.

    Again, let me note that there is still a lot of uncertainty about how Xsser mRAT is distributed, but whether it is a Trojan (something malicious hidden in part of something that people deliberately install) or through some other means, it still can only operate on jailbroken iOS devices.

  • wkleem
    wkleem
    Community Member

    @jpgoldberg Chief Defender of the Dark Arts. Thanks for the reply. Looks like I got your title misnamed as well

  • On behalf of Jeff, you are very welcome.

  • wkleem
    wkleem
    Community Member

    @bwoodruff, Chief Defender Against the Dark Arts. I cannot seem to get it right the first time around! Keep up the good work, The only gripe that I have is that Windows Phone is low priority for Agilebits. Would be nice to see a much more functional 1Password there.

  • Thanks for the feedback! I'll pass along your interest in an updated Windows Phone app.

    Please let us know if you have any other questions. We're always happy to help!

This discussion has been closed.