Security company Kaspersky Lab has detected new backdoor malware that targets Uyghur activists who use Mac OS X, as part of an Advanced Persistent Threat (APT) campaign.
The malware is delivered through customised emails sent to certain Uyghur Mac users. The targeted emails include ZIP attachments that contain a malicious Mac OS X backdoor.
When opened, the attachment reveals a JPEG photo together with the malicious application.
When executed, the malware installs itself on the victim’s Mac and connects to its Command and Control (C&C) server, located in China, to get instructions. It allows its operator to list files, transfer files and run commands on the infected Mac.
Kaspersky Lab’s researchers concluded that the malicious application is a new, undetected variant of the MaControl backdoor, which supports both i386 and PowerPC Macs.
Kaspersky Lab Global Research & Analysis director Costin Raiu said that as adoption of Mac OS X increases, attacks in both mass-infection and targeted campaigns will also grow.
"Attackers will continue to refine and enhance their methods to mix exploits and social engineering techniques to try and infect victims," Raiu said.
"Just like PC malware, this combination is commonly the most effective and cybercriminals will continue to challenge Mac OS X users’ security, both technically and psychologically."