A new twist on an old piece of Apple malware, named OSX/Tibet.C, has put the backdoor on users' radars again.
According to researchers at Mac security software company Intego, the malware is downloaded to computers unbeknownst to users via Java applets hosted on compromised websites.
The attack is known as a 'watering hole' because it baits victims without having to target them individually.
The trojan contacts a China-based command-and-control server which gives operators remote access.
Apple's operating system is typically malware free, although the password-stealing Flashback malware infected hundreds of thousands of machines last year.
Tibet.C exploits Java vulnerabilities which can be patched by downloading Java 7u25 and newer versions of the platform.
_(37).jpg&h=140&w=231&c=1&s=0)
Cyber Resilience Summit
iTnews Executive Retreat - Security Leaders Edition
Huntress + Eftsure Virtual Event -Fighting A New Frontier of Cyber-Fraud: How Leaders Can Work Together
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
.jpg&h=271&w=480&c=1&s=1)
_(1).jpg&h=140&w=231&c=1&s=0)
