There's a new kind of spyware going around called Xsser that's reportedly targeting protestors in Hong Kong. The spyware — which appears to have ties to Android malware discovered last week — is installed via a Debian package and requires a victim's iPhone or iPad to be jailbroken. Breaking the root jail of iOS can provide functionality beyond what Apple currently ships, but it also strips away Apple's built-in iOS security. The same way jailbroken software can be loaded, malicious software can be loaded. (The same goes for bypassing Android's default security settings, as well as opening up a phone to root access.) So what's going on with Xsser and how can you protect yourself?
Reuters has a quasi-report up that mislabels Xsser as a virus, doesn't link back to its source, and neglects to mention that only jailbroken iOS devices seem to be vulnerable, but does provide the following overview:
The malicious software, known as Xsser, is capable of stealing text messages, photos, call logs, passwords and other data from Apple mobile devices, researchers with Lacoon Mobile Security said on Tuesday. They uncovered the spyware while investigating similar malware for Google Inc's Android operating system last week that also targeted Hong Kong protesters. Anonymous attackers spread the Android spyware via WhatsApp, sending malicious links to download the program, according to Lacoon.
Lacoon itself is more thorough:
Lacoon hasn't uncovered information regarding the method or vector of attack. The iOS device needs to be jailbroken in order to be infected. Then with Cydia installed, the repository would need to be added and then the package could be installed. All that's known is that both the iOS and Android attacks share a CnC server. The package itself is a Debian .deb package. The package installs an iOS 'launchd' service to make sure the app starts after booting and in addition starts it up immediately.
If you think you're at risk from Xsser, until more is known about how it is being spread, removing your jailbreak by upgrading or restoring to an official version of iOS is the best way to protect yourself.
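For anyone auditing a jailbroken device's filesystem (mounted or extracted), the combination Lacoon describes, a Debian package that drops a launchd service, can be surfaced by cross-referencing dpkg's file manifests with launchd job definitions. This is an added example, not code from Lacoon or from this article; the paths are assumed from the standard dpkg and launchd layouts, and the package `com.example.tool` is a constructed, hypothetical sample.

```python
import plistlib
import tempfile
from pathlib import Path

# Assumed layout: dpkg manifests in var/lib/dpkg/info/<package>.list,
# launchd job definitions in the LaunchDaemons directories below.
DAEMON_DIRS = ("/Library/LaunchDaemons/", "/System/Library/LaunchDaemons/")

def package_launch_daemons(root):
    """List launchd jobs that a dpkg package placed on the filesystem at root."""
    root = Path(root)
    findings = []
    for manifest in sorted((root / "var/lib/dpkg/info").glob("*.list")):
        for entry in manifest.read_text(errors="replace").splitlines():
            entry = entry.strip()
            if not (entry.endswith(".plist") and entry.startswith(DAEMON_DIRS)):
                continue
            rec = {"package": manifest.stem, "plist": entry, "label": None,
                   "program": None, "run_at_load": False, "error": None}
            try:
                with (root / entry.lstrip("/")).open("rb") as fh:
                    job = plistlib.load(fh)
                if not isinstance(job, dict):
                    raise ValueError("top-level plist object is not a dictionary")
                args = job.get("ProgramArguments") or []
                rec["label"] = job.get("Label")
                rec["program"] = job.get("Program") or (args[0] if args else None)
                rec["run_at_load"] = bool(job.get("RunAtLoad"))
            except Exception as exc:  # unreadable, missing or malformed plist
                rec["error"] = f"{type(exc).__name__}: {exc}"
            findings.append(rec)
    return findings

def build_constructed_sample(root):
    """Create a small constructed tree (hypothetical package com.example.tool)."""
    root = Path(root)
    (root / "var/lib/dpkg/info").mkdir(parents=True)
    (root / "Library/LaunchDaemons").mkdir(parents=True)
    (root / "var/lib/dpkg/info/com.example.tool.list").write_text(
        "/usr/bin/exampletool\n/Library/LaunchDaemons/com.example.tool.plist\n")
    (root / "var/lib/dpkg/info/com.example.lib.list").write_text("/usr/lib/libexample.dylib\n")
    job = {"Label": "com.example.tool", "RunAtLoad": True,
           "ProgramArguments": ["/usr/bin/exampletool", "--daemon"]}
    with (root / "Library/LaunchDaemons/com.example.tool.plist").open("wb") as fh:
        plistlib.dump(job, fh)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_sample(tmp)
        for finding in package_launch_daemons(tmp):
            print(finding)
```

Each finding names the package that owns the job, so an unfamiliar package with `run_at_load` set is the entry to review first. A job listed in a manifest whose plist is missing or unparseable is reported with an `error` rather than skipped.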
Nick Arnott contributed to this article.