Mac trojan Dockster served on Dalai Lama site

Share this article:

A new Mac trojan known as Dockster, which takes advantage of the same, now-patched Java vulnerability that enabled another trojan to spread like wildfire on Apple computers last spring, is being served on a website  affiliated with the Dalai Lama.

Researchers at Finnish security firm F-Secure have spotted the new trojan, which it described as a "basic backdoor" capable of logging keystrokes. The malware leverages CVE-2012-0507, a Java vulnerability that was patched by Apple in April after the password-stealing Flashback trojan propagated to potentially hundreds of thousands of Macs.

Dockster -- which is being foisted on "unofficial" Dalai Lama site gyalwarinpoche[dot]com, is proof that malware writers are continuing to their focus on Mac platforms.

In this case, Tibetan activists are apparently the target, as they have been in the past. The website is registered with the Dalai Lama's office in the Indian state of Himachal Pradesh, and the Dalai Lama is the spirtual leader of the Tibetan people.

The news is not all bad, however. Users with updated operating systems should be immune from the threat.

"Current versions of Mac OS X and those with their browser's Java plug-in disabled should be safe from the exploit," Sean Sullivan, a security adviser at F-Secure, wrote Monday in a blog post.

He added that the Dalai Lama site also is serving a Windows exploit, Trojan.Agent.AXMO, which takes advantage of a separate Java vulnerability that was patched with an emergency fix on Aug. 30.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Kevin Mitnick to sell zero-day exploits

Kevin Mitnick's new venture will develop and procure zero-day exploits, then sell them for $100,000 or more.

FBI warns of potential cyber attacks launched by ISIS hacktivists

Following U.S. military airstrikes in the Middle East, the FBI has issued a warning regarding possible cyber threats aimed at U.S. networks and critical infrastructure by hacktivists in support of ISIS.

Report: 75 million records compromised so far in 2014

Report: 75 million records compromised so far in ...

An updated report indicates that since this time last year, breaches have increased by 29.4 percent, with 568 breaches occurring this year.