
Researchers Warn of Mac OS X Targeted Attacks

Security researchers have uncovered a never-before-seen Trojan targeting Mac users, indicating hackers are paying more attention to Apple machines when it comes to targeted attacks.

The Trojan’s creators have dubbed their special piece of malware MacControl. It executes every time the infected computer starts and lets the operators have complete control over a victim’s machine.

Tibetan targets

The malware loads upon execution of a malicious Word file and thus far appears to be aimed at pro-Tibetan campaigners. The same command and control (C&C) server has been seen running other Trojans attached to emails purporting to be from the Tibetan Women’s Association.

“A remote code execution vulnerability exists in the way that Microsoft Office Word handles a specially crafted Word file that includes a malformed record,” security company AlienVault said in a blog post. “An attacker who successfully exploits this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

When a user clicks on the malicious .doc file, the executed Trojan also opens a non-malicious Word document in an attempt to fool the user into thinking they have just downloaded a legitimate attachment.

Trend Micro said this case shows Mac users are not invulnerable to targeted attacks. “This adjustment to affect Macs also shows that they are refining their scope, and are really customizing their tools to suit their targets,” said Trend threat research manager Ivan Macalintal, in a blog post.

“In this light, and knowing that the Mac OS X arena has seen in its fair share of threats increasing, it is advisable to be aware that Mac OS X can also be targeted, and seen as a new playing field for these groups behind targeted attacks and APTs [Advanced Persistent Threats] to further their agenda.”

Whilst targeted attacks going after Mac machines have been rare to non-existent until now, Apple-focused malware has been growing in recent times. Last year saw the fake antivirus threat MacDefender, which caused much concern, and a nasty piece of malware called Olyx, which could install backdoors on Macs.


Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.
