Hong Kong protesters hit with malware, turn to “off-the-grid” chat app

The pro-democracy protests started by Hong Kong students’ and backed by the Occupy Central protesters (Central is the name of Hong Kong’s financial district) are picking up speed, supporters, and have, unfortunately, also resulted in violent confrontations with the police.

The protestors rail against the Chinese government’s decision to not allow Hong Kong residents to choose their city’s next leader, and push to install one that will be loyal to the mainland government. The protests have been condemned by the city’s financial tycoons, who are worried about the destabilizing effect they might have on the economy.

As it was to be expected, the government is trying to disrupt and shut down the protests and, at the same time, prevent news of it to reach the rest of the country.

They are trying to achieve the latter by blocking mainland Internet users from visiting even more online services and websites that usual. The latest victim of this is Instagram, on which pictures of the mass of Hong Kong protesters taking over the streets of the city have been cropping up regularly.

The former goal is pursued by arresting protestors and gaining insight into their plans and location information.

According to the South China Morning Post, protestors have been targeted with mobile spam urging them to download an Android app supposedly designed by the Code4HK community, which ostensibly facilitates the coordination of Occupy Central.

But both Occupy Central and Code4HK leaders denied having anything to do with it, and after an analysis, it has been revealed that the app is actually a piece of rather generic spyware, which accesses users’ contacts, browsing history, approximate location, text messages, phone call history, and can record audio.

It’s difficult – if not entirely impossible – to say for sure who is behind the fake app, but it’s natural that the targets suspect Chinese government-backed hackers to be involved.

Worried about the government’s network surveillance efforts and reports that Hong Kong authorities are thinking about shutting down the city’s cellular networks, the protesters have begun using FireChat, a P2P chat app that allows users to exchange messages even when there is no mobile phone coverage or Internet access.

The app creates ad-hoc mobile networks, and the messages are sent over Bluetooth and Wi-Fi. These connections are encrypted, and the messages are not going through a central server that can be accessed by authorities.




Share this