xRAT: Monitoring Chinese Interests Abroad With Mobile Surveillance-ware

Back to the list of Speakers and Sessions
The rapid evolution of targeted Android surveillance-ware has enabled China’s mobile arsenal to successfully compromise target devices for years - this talk dives into the xRAT family and its tools.

With mobile becoming the platform-of-choice for advanced threat actors regardless of their budget, this talk will take a closer look at a custom surveillance tool called xRAT, which has its roots in previously reported malware known as mRAT and Xsser. Both these early pieces of malware have been associated with attacks against pro-democracy activists in Hong Kong dating as far back as 2014. However, xRAT was rapidly being developed in mid 2017 and again in the second half of 2018, with a different focus.