Malware attacks spike against Apple OS X users in China enclave

One of the pages displayed by a booby-trapped Word document that exploits a vulnerability Microsoft patched in 2009.

Researchers are reporting a spike in hack attacks targeting Mac OS X systems for the purpose of surreptitiously monitoring users' e-mail and chat contacts and maintaining persistent control over their computers.

The increased attacks are?targeting?supporters of the Uyghur people, a Turkic ethnic group who primarily live in a region of China, according to two separate reports independently published by researchers from Kaspersky Lab and AlienVault Labs. They are the latest to document the growing vulnerability of Mac users to so-called advanced persistent threats, which target users over a span of months or years to mine specific proprietary or social information of interest to the attackers.

"With these attacks, we continue to see an expansion of the APT capabilities to attack Mac OS X users," wrote Costin Raiu, director of Kaspersky's global research and analysis team. "In general, Mac users operate under a false sense of security which comes from the years-old mantra that 'Macs don?t get viruses.'"

As with some of the previous attacks, the perpetrators of the campaign documented in Wednesday's reports tricked users into opening booby-trapped Microsoft Word documents that exploit a vulnerability that was fixed in 2009. Those who fall for the ruse and are using out-of-date versions of Word are infected with an off-the-shelf backdoor known as TinySHell. The malware is configured to connect to command and control servers that have been used for years in APT attacks.

Macs have been successfully targeted in a variety of other espionage campaigns, as Ars has reported previously here, here, and here. Last year, commercially motivated malware known as Flashback also infected an estimated 500,000 Macs by targeting a vulnerability in Oracle's Java browser plugin.

Malicious hackers generally only do as much work as necessary to infect their targets, and that may explain why the tools in this campaign are relatively primitive. If the targets are using old systems with no antivirus protection and haven't been trained to avoid e-mail-borne attachments, the perpetrators have little reason to use more valuable firepower. Indeed, attacks that have succeeded for years against Windows users also employ easy-to-defeat techniques. Wednesday's reports are a good reminder that no matter what kind of computer people are using, users are vulnerable to attacks that can completely compromise their personal, business, and social secrets.

Readers are reminded to install security patches as soon as possible and avoid clicking on links included in e-mails, even when they appear to come from a friend, work colleague, or other known sender. Readers may also want to consider the use of third-party antivirus protection. Mac AV is available from a variety of providers, including Sophos, Intego, Kaspersky, and Avast, to name just a few.

Source: http://feeds.arstechnica.com/~r/arstechnica/security/~3/tRRJvOnMoVk/

office max office max jcp Sports Authority Hollister old navy walmart black friday