Mac espionage trojan targets Uighur activists

Powered by SC Magazine
 

The Uighur Muslim minority group is subject to a sophisticated attack.

Researchers at Kaspersky Lab have come across a new malware campaign targeting Uighur activists who use Mac OS X.

The backdoor, dubbed MaControl.b, is being used to spy on Uighur dissidents. Researchers said they discovered the "new wave" of advanced persistent threat attacks targeting the Turkik-speaking Muslim group, which mostly lives in the northwest Chinese province of Xinjiang.

The attackers are sending their prospective victims legitimate looking emails that contain a difficult-to-detect exploit disguised in a ZIP file, which is attached.

"When executed, it installs itself in the system and connects to its command-and-control server to get instructions," said Kaspersky senior security researcher Costin Raiu. "The backdoor allows its operator to list files, transfer files and generally run commands on the infected machine."

The Uighurs have sought greater religious freedoms and autonomy, and have staged a number of uprisings against Chinese rule. The US State Department has called out the Chinese government for repressing and committing human rights abuses against the minority group.

This is not the first time this year that virus authors have customised their wares to run on the Mac and go after dissidents. In March, the security firm AlienVault reported that Tibetan activists were being targeted by remote access trojans, or RATs, which took advantage of a three-year-old vulnerability in Microsoft word.

"With Macs growing in popularity and their increased adoption by high-profile targets, we expect the number of Mac OS X APT attacks will also grow," Raiu wrote.

In fact, his blog post includes a photo of the Dalai Lama using a 17-inch MacBook Pro during a meeting.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


 
 
 
Top Stories
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
 
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
 
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  28%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1120

Vote