Year of the RAT: China’s malware war on activists goes mobile

Activists involved in Hong Kong's "Umbrella Revolution" have been targeted by remote access malware for Android and iOS that can eavesdrop on their communications—and do a whole lot more.

Malware-based espionage targeting political activists and other opposition is nothing new, especially when it comes to opponents of the Chinese government. But there have been few attempts at hacking activists more widespread and sophisticated than the current wave of spyware targeting the mobile devices of members of Hong Kong’s “Umbrella Revolution.”

Over the past few days, activists and protesters in Hong Kong have been targeted by mobile device malware that gives an attacker the ability to monitor their communications. What’s unusual about the malware, which has been spread through mobile message “phishing” attacks, is that the attacks have targeted and successfully infected both Android and iOS devices.

The sophistication of the malware has led experts to believe that it was developed and deployed by the Chinese government. But Chinese-speaking hackers have a long history of using this sort of malware, referred to as remote access Trojans (RATs), as have other hackers around the world for a variety of criminal activities aside from espionage. It’s not clear whether this is an actual state-funded attack on Chinese citizens in Hong Kong or merely hackers taking advantage of a huge social engineering opportunity to spread their malware. But whoever is behind it is well-funded and sophisticated.
