Kaspersky detects new Mac OS X malware attacks

Security

by CBR Staff Writer| 04 July 2012

The company's system has detected the malicious variant as “Backdoor.OSX.MaControl.b”

Security company Kaspersky Lab has detected new backdoor malware that targets Uyghur activists who use Mac OS X as a part of Advanced Persistent Threat (APT) campaign.

The new malware is sending customised emails to certain Uyghur Mac users. The targeted emails included ZIP attachments inside them, which contain a malicious Mac OS X backdoor.

The attachment when opened reveals a JPEG photo together with the malicious application.

When executed, the malware installs itself inside the victim's Mac and connects to its Command and Control (C&C) server located in China to get instructions and allows its operator to list files, transfer files and run commands on the infected Mac computer.

Kaspersky Lab's researchers concluded that the malicious application is a newly undetected variant of the MaControl backdoor, which supports both i386 and PowerPC Macs.

Kaspersky Lab Global Research & Analysis director Costin Raiu said as the adoption increases for Mac OS X, the attacks for both mass-infection and targeted campaigns will also grow.

"Attackers will continue to refine and enhance their methods to mix exploits and social engineering techniques to try and infect victims." Raiu said.

"Just like PC malware, this combination is commonly the most effective and cybercriminals will continue to challenge Mac OS X users' security, both technically and psychologically."

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

745 people like this.
0 people follow this.

Security Intelligence

Suppliers Directory


See more
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.