Mac Trojan targets Tibetan activist groups

By on

Command and Control chatter encrypted, answered by a human.

Researchers at a security firm have spotted espionage malware targeting users of Mac computers.

The attacks are taking advantage of a Microsoft Word vulnerability, which affects both Windows and Mac platforms and was patched nearly three years ago, said Jaime Blasco, a researcher with AlienVault.

Since earlier this month, remote access trojans, or RATs, which are being sent in spear phishing emails containing a malicious Microsoft Word file, have been targeting pro-Tibet organisations -- with the goal of purging sensitive information without being detected.

"It is no surprise that Tibetan organisations are being targeted -- they have been for years -- and we continue to see Chinese actors breaking into numerous organisations with impunity," Blasco said.

He said that the latest campign targeted Macs was a sign that attackers would need to find ways to infiltrate platforms that traditionally have gone untouched.

Blasco said it was the first time he had seen Office files being used to deliver a trojan on the Mac OS X.

This article originally appeared at

Copyright © SC Magazine, US edition

Most Read Articles

Log In

|  Forgot your password?