According to South China Morning Post, on October 4, 2014, the websites of the city's biggest political party, the Occupy Central movement and the Silent Majority for Hong Kong were all taken offline by hackers after a US-based group declared cyberwar on the Hong Kong government.[1] The hackers' group, known as Anonymous, posted on its various Twitter accounts and its Asia arm's Facebook page that hackers had started a distributed denial-of-service (DDoS)[2] attack against the sites yesterday morning. The cyberattacks bombarded the sites with traffic, overloading their servers and forcing them offline by the afternoon.

“Occupy Central, aka the Umbrella Revolution, may be the most high-tech protest ever, using wireless broadband, multimedia smartphones, drone film making, mobile video projectors, and live streaming video to communicate and to broadcast their cause to the entire world in real time. The victor in this conflict will be determined by who holds the streets, and who rules the digital space.” writes Andrew Lih, the author of The Wikipedia Revolution and associate professor of journalism at the American University School of Communication in Washington DC[3]. Given this remarkable show of force by the crowd under the Umbrella, Beijing has moved quickly to prevent transmissions from reaching the mainland, blocking Chinese access to Instagram, where images and videos from the demonstrations and police crackdowns are regularly being posted, and banning all posts on popular messaging sites like Weibo and WeChat carrying keywords that refer to the protests. Activists found a solution: by downloading the peer-to-peer "mesh messaging" app FireChat — which allows communication among nearby users even when centralized mobile services are unavailable by linking smartphones directly to one another via Bluetooth and wifi — in the hundreds of thousands, and by creating an elaborate system of numerical hashtags to stand in for forbidden terms.

But it’s not the only thing that happened, on October 1, according to The Register, Israeli security firm Lacoon Mobile Security spotted the Xsser mRAT spyware[4] being distributed under the guise of an app to help coordinate the Occupy Central protests in the autonomous region. Protestors were being targeted with the iOS trojan[5] and a related Android spyware[6], the latter of which was sent over WhatsApp messages under the guise of local coder activist group Code4HK[7], according to researchers Shalom Bublil, Daniel Brodie and Avi Bashan. Founder of Lacoon Mobile, Ohad Bobrov said the manufacture of a targeted iOS and Android app appeared to indicate a well-resourced attacker, possibly the Chinese Government. He explained that "Cross-Platform attacks that target both iOS and Android devices are rare, and indicate that this may be conducted by a very large organization or nation state. The fact that this attack is being used against protesters and is being executed by Chinese-speaking attackers suggests it's the first iOS Trojan linked to Chinese Government cyber activity. When infected, Xsser mRAT exposes virtually any information on iOS devices including SMS, email, and instant messages, and can also reveal location data, usernames and passwords, call logs and contact information."[8]

This is a new strategy in cyber war: collecting data from a crowd. Besides discovering the identities of participants, it allows the silence monitoring of their future actions by reading their correspondence and tracking their locations – actions remembering us of the totalitarian regimes tactics establishing a complete surveillance over their subjects. Even more, the software uses a decentralized system to identify its targets which are publicly announced through comments on well known news magazines. And it is much cheaper and covering a larger number of subjects than anything that ever happened before the era of social media.



[1]“ Hackers' group Anonymous shuts down websites after declaring cyberwar”, South China Morning Post, October 4, 2014, at the Internet address

[2] More details about DDoS at the Internet adress

[3] “In Hong Kong’s protests, technology is a battlefield”, Quartz, October 2, 2014, at the Internet address

[4] More details about Xsser mRAT spyware at the Internet address:

[5] According to PC Magazine a Trojan is a program that appears legitimate, but performs some illicit activity when it is run. It may be used to locate password information or make the system more vulnerable to future entry or simply destroy programs or data on the hard disk. A Trojan is similar to a virus, except that it does not replicate itself. More details at the Internet address

[6] Software that sends information about your Web surfing habits to its Web site. Often quickly installed in your computer in combination with a free download you selected from the Web, spyware transmits information in the background as you move around the Web. More details at the Internet address

[7] Code4HK’s is one of several online hubs where activists aggregate and disseminate information to the Hong Kong public. Inspired by Code for America, Code4HK originated as a group dedicated to solve civic issues. More details at the Internet address

[8] “You dirty RAT! Hong Kong protesters infected by iOS, Android spyware”, The Register, October 1, 2014, at the Internet address

Related Posts Plugin for WordPress, Blogger...