[ Forwarded from Dave Farber's most excellent "IP" mailing list. ---rsk ]
----- Forwarded message from David Farber via ip <i...@listbox.com> ----- > Date: Wed, 1 Oct 2014 12:15:09 -0400 > From: David Farber via ip <i...@listbox.com> > To: ip <i...@listbox.com> > Subject: [IP] Sophisticated iPhone and Android malware is spying on Hong Kong > protesters > > Begin forwarded message: > >> From: Dewayne Hendricks <dewa...@warpspeed.com> >> Subject: [Dewayne-Net] Sophisticated iPhone and Android malware is spying on >> Hong Kong protesters >> Date: October 1, 2014 at 8:59:30 AM EDT >> To: Multiple recipients of Dewayne-Net <dewayne-...@warpspeed.com> >> >> Sophisticated iPhone and Android malware is spying on Hong Kong protesters >> Researchers say all signs point to the Chinese government >> By Amar Toor >> Oct 1 2014 >> >> <http://www.theverge.com/2014/10/1/6877377/sophisticated-iphone-and-android-malware-is-spying-on-hong-kong> >> >> A fake smartphone app is being used to remotely monitor pro-democracy >> protesters in Hong Kong, according to a report from the New York >> Times. Researchers from Lacoon Mobile Security say the phishing scam is >> spreading across the messaging application WhatsApp, through texts that >> read: "Check out this Android app designed by Code4HK for the coordination >> of OCCUPY CENTRAL!", along with a link to download software. Lacoon >> says the software, once downloaded, can access a user's personal data, >> including phone calls, text messages, and the physical location of their >> smartphone. Code4HK ? a developer community that has helped to spread >> information about the protests ? tells the Times it had nothing to do >> with the texts. >> >> The origin of the scam remains unknown, but Lacoon CEO Michael Shaulov >> says the Chinese government is likely behind it, given the location of the >> servers and the sophistication of the operation. The company traced it to >> a computer that they say is similar to those that the Chinese government >> allegedly used to launch cyberattacks against US targets last year. The >> spread of the app remains equally unclear, though Shaulov says it was >> downloaded by one out of every ten phones that received the fake message, >> and, notably, that it has affected both Android and iOS users alike. >> >> Phishing scam targets Android and iOS users alike >> >> "This is the first time that we have seen such operationally sophisticated >> iOS malware operational, which is actually developed by a Chinese-speaking >> entity," Shaulov told the Times. >> >> Today's report comes as thousands of protesters flocked to the streets >> on China's National Day, calling for Beijing to allow for free democratic >> elections in 2017. China had previously said it would allow Hong Kong to >> choose its own leader by that date, but backtracked on that promise in >> August, when it announced that all candidates would have to be approved >> by Beijing. >> >> Protesters in the "Occupy Central" movement have clashed with police >> since protests escalated over the weekend, and there are fears of >> further confrontation tonight, during National Day celebrations. The >> Chinese government has gone to great lengths to censor news of the >> demonstrations. Most state-run media have not mentioned it, and Chinese >> web censors have stepped up efforts to block images and videos on social >> media. On Sunday, the government blocked access to Instagram within >> mainland China, and posts on the Twitter-like service Sina Weibo have >> been aggressively deleted, according to the Times. In the past few days, >> censors have blocked any Weibo posts including the words "Hong Kong," >> "barricades," and "umbrella" ? the unofficial symbol of Hong Kong's >> movement. >> -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.