As mobile users, most of us follow the standard precautions in the ongoing fight against malicious software, but as the defenses become more adept to dealing with such intrusions, attackers also dream up more advanced, cunning ways of sneaking into our devices and extracting data. A new type of spyware, which appears to have originated from Hong Kong, is said to affect iOS users who’ve opted to jailbreak their devices, and according to experts on the matter, may also be connected to a similar piece of unwanted software lurking on Google’s Android.
It’s something of a rarity that any piece of malware should span the two major mobile platforms in this manner, but it’s certainly not unheard of, and the spyware, known as Xsser, is apparently designed to hit protesters in Hong Kong.
Since Xsser is installed as a Debian package, or .DEB, it’s an issue that only affects jailbroken users on iOS. As many jailbreakers will know, Cydia is awash with Debian packages that can unlock a number of great features, but it’s something of a double-edged sword. For while Apple’s "walled garden" ecosystem may be limiting at stock level, it also prevents intruders from being able to install Debian packages that can get right into the root of the software, and although jailbreaking is considered as being largely safe, instances like this can, and sometimes do occur.
According to Lacoon Mobile Security, Xsser can swipe SMS messages, call logs, passwords, photos and other data, and the security firm makes a direct link to a similar Hong Kong-based malware discovered last week on Android and aimed at protesters.
Despite identifying Xsser, though, Lacoon doesn’t know how it comes to be installed on a mobile device. If you are jailbroken and concerned about unwittingly picking Xsser up, try to avoid any dodgy repositories that present you with that "Source Warning" when you add them, and stick to packages and sources that are renowned as being safe.
Ultimately, restoring your device is the sure-fire way to avoid Xsser on iOS, but while this may solve one issue, it will leave you bereft of all those lovely tweaks.
As for Android users, again, using common sense when installing apps will give you the best chance of dodging Xsser and any other non-niceties doing the rounds. Use only the Play Store for sourcing your content, and be sure that your "Unknown Sources" setting is not enabled.
(Source: Lacoon.com)
