Skip to main content

Fake CODE4HK Mobile Application Attack

Last Update Date: 3 Oct 2014 Release Date: 18 Sep 2014 1567 Views

RISK: Medium Risk

TYPE: Attacks - Malware

TYPE: Malware

A fake mobile application named CODE4HK claiming to coordinating the Occupy Central pro-democracy movement has circulated online since 16 Sep 2014.


Malicious behaviours were identified in a fake CODE4HK mobile application, which can cause information disclosure.


[UPDATE 2014-10-03]

A security company discovered an iOS spyware called Xsser, which was related to fake CODE4HK attack campaign. The researcher mentioned that he had not uncovered information regarding the method or vector of attack. The spyware needs to install on a jailbroken iOS device with Cydia app.


  • Information Disclosure

System / Technologies affected

  • Android 4.x and prior
  • [UPDATE 2014-10-03] Jailbroken iOS with Cydia app installed


Removal for Android

  1. Go to Settings > Apps on the device
  2. Find "code4hk" in the Downloaded list
  3. Click on "code4hk" to the App info
  4. Click "Uninstall"

Prevention for Android

  • Do NOT install application file (*.apk) from unknown source
  • Disable "Unknown sources" option in the Settings > Security on the device

[UPDATE 2014-10-03] Removal for iOS

  • Reset and Erase iOS device

[UPDATE 2014-10-03] Prevention for iOS

  • Do NOT jailbreak iOS device
  • Do NOT install application from unknown source

Vulnerability Identifier

  • No CVE information is available


Related Link