SCF Advanced Search


Members
Stats
  • Total Posts: 32650
  • Total Topics: 9903
  • Online Today: 1344
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)











Author Topic: Uyghur human rights activists Attacked by Mac Trojan (Backdoor OSX MaControl-B)  (Read 3174 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7444
  • KARMA: 312
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Security researchers have intercepted a Mac-based Trojan attack targeting Uyghur human rights activists: http://www.uhrp.org/

The Uyghur are a minority ethnic group that live in Eastern and Central Asia, mostly (but not exclusively) within the geographical borders of China. A run of infected emails sent to Uyghur activists, and intercepted by security researchers at Kaspersky Lab, featured an attached ZIP file, containing a jpg photo and a "MacOS X app".

"The application is actually a new, mostly undetected version of the MaControl backdoor (Universal Binary), which supports both i386 and PowerPC Macs," writes Costin Raiu, director of Kaspersky Lab's global research & analysis team, in a blog post: https://www.securelist.com/en/blog/blog?weblogid=208193616
The Russian firm detects the malware as Backdoor OSX MaControl-B.

If executed, the malicious application opens a backdoor on compromised Mac computers, periodically querying a command and control server for instructions. This command and control server is located in China.

Human rights activists as well as high-tech firms, government agencies and military contractors have all been targeted for cyber-spying attacks over recent years. Most of these attacks are ultimately aimed at compromising Windows boxes on targeted networks but Mac machines are far from immune from assault. For example, security tools biz AlienVault warned of booby-trapped Microsoft Office designed to infect Macs and targeted against Tibetan activists back in April.

In other malware infecting human right site news. AlienVault’s research team warned on Friday that a large human rights web portal that has been compromised and is serving up malware to site visitors. The ASEAN site* has been hacked to expose visiting surfers to attacks based on a Windows XML Core zero-day vulnerability, AlienVault warns: http://labs.alienvault.com/labs/index.php/2012/thailand-ngo-site-hacked-and-serving-malware , referencing an advisory on the attack vector by Sophos published earlier last week: http://nakedsecurity.sophos.com/2012/06/19/unpatched-microsoft-security-vulnerability-exploited

(ElReg)

*More specifically a Thailand NGO portal related to ASEAN (Association of Southeast Asian Nations) human rights.

Samker's Computer Forum - SCforum.info

Sponsored Links:




 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising