Trojan targets Tibetan activist groups that use Macs

Share this article:

Researchers at a security firm have spotted espionage malware targeting users of Mac computers.

The attacks are taking advantage of a Microsoft Word vulnerability, which affects both Windows and Mac platforms and was patched nearly three years ago, said Jaime Blasco, a researcher with AlienVault, maker of vulnerability assessment and threat detection products.

Since earlier this month, remote access trojans, or RATs, which are being sent in spear phishing emails containing a malicious Microsoft Word file, have been targeting pro-Tibet organizations -- with the goal of purging sensitive information without being detected.

"It is no surprise that Tibetan organizations are being targeted -- they have been for years -- and we continue to see Chinese actors breaking into numerous organizations with impunity," Blasco wrote in a March 13 blog post. "Unfortunately, in this particular case, these attacks may have a direct impact on the abuse of human rights in these regions."

The latest campaign is going after Macs, which continue to grow in popularity. Blasco said this is a sign that if advanced attackers are going to be successful, they may have to find ways to infiltrate platforms that traditionally have gone untouched, aside from general malware such as rogue anti-virus programs.

"If these guys want to penetrate these systems, they need to develop new malware for Mac," said Blasco, who added that this is the first time he has seen Office files being used to deliver a trojan on the Mac OS X.

Share this article:

Sign up to our newsletters

More in News

eBay faces class-action suit over breach

eBay faces class-action suit over breach

A suit filed in a federal court in Louisiana charges the company with failing to protect personal information and seeks damages on multiple counts.

Five schools earn NSA's excellence in cyber ops distinction

The schools earned NSA's Centers for Academic Excellence designation for their cyber offerings.

With RATs at their disposal, 419 scammers target businesses

With RATs at their disposal, 419 scammers target ...

A new report reveals how Nigeria's 419 scammers are spreading malware to pocket business funds.