alt=
203x44-linked-in
News  General
Chinese government

Kakao Talk

The popular Kakao Talk Android app has been hacked, and investigators are concerned the finger is pointing towards the Chinese government as the culprit. This is hot on the heels of the recent Tibetan spear phishing attack. The app, a messaging and chat application developed by a South Korean firm, is popular with the Tibetan community because it is considered more secure than a similar app called WeChat developed by Chinese operator Tencent. Users were worried that the Chinese government would be able to monitor communications through WeChat.

Citizen Lab

Citizen Lab said the compromised version of Kakao Talk worked in the same way as the legitimate app but contained a much longer list of permission requests. As Citizen Lab points out, Tibetan activists often circumvent the official Google Play app store to get around restrictions placed on it. This leaves them more open to the possibility of installing malicious apps.

Another aspect of the compromised app, which Citizen Lab calls “troubling and curious”, is its ability to intercept text messages and search them for a specific code sent by the attacker. If it is detected, the app replies to the text giving technical information such as the base station ID, tower ID, mobile network code and mobile area code. It does all this without the user's knowledge.

Geography

This information is only useful to actors with access to the cellular communications provider and its technical infrastructure, such as large businesses and government. It almost certainly represents the information that a cellular service provider requires to initiate eavesdropping, often referred to as ‘trap & trace'. Actors at this level would also have access to the data required to perform radio frequency triangulation based on the signal data from multiple towers, placing the user within a small geographical area.