Kaspersky Labs detects new wave of Mac OS X APT attacks

PanARMENIAN.Net - Kaspersky Labs has detected a new wave of Mac OS X APT (advanced persistent threat) attacks, marking the second time this year the security company has presented evidence that the Apple platform is susceptible to such threats, InfoWorld reports.

This particular attack is aimed at Uyghur activists - but that's no reason for other Mac users to be complacent. "With Macs growing in popularity and their increased adoption by high-profile targets, we expect the number of Mac OS X APT attacks will also grow," cautioned Costin Raiu, a Kaspersky Lab Expert.

Mac's once-pristine security record has steadily tarnished in recent months as the platform continues to rise in popularity. In addition to the Trojan dubbed SabPub that materialized back in April, malware called Flashback reportedly infected at least 600,000 Macs this year. To Apple's credit, the company is at least indirectly acknowledging that its platform isn't bulletproof and is taking steps to make it more secure. For example, the forthcoming OS X 10.8, aka Mountain Lion, will be capable of automatically polling Apple for security updates on a daily basis.

For this newly discovered threat, attackers are sending targeted emails with a ZIP attachment containing a JPEG image and a new, mostly undetected version of the Mac Control backdoor Trojan. Upon execution, the Trojan installs itself on the target machine in typical APT fashion and connects to its command and control server for orders. With the backdoor installed, the attacker effectively has free rein over the infected machine and its contents.

Notably, hackers are using a Windows counterpart of this Trojan - dubbed Gh0st Rat - to attack Uyghur PC users, according to AlienVault.

The backdoor is "quite flexible," Raiu wrote. "Its command and control servers are stored in a configuration block which has been appended at the end of the file. The configuration block is obfuscated with a simple 'substract 8' operation."
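For analysts triaging a suspected sample, the sketch below shows how a byte-shifted configuration block of the kind Raiu describes can be decoded to recover C&C endpoints for blocklists and detections. It is an added example, not Kaspersky's tooling or code from the original article. The tail length, the block holding plain ASCII hostnames or IP addresses, and the sample data are assumptions, and both shift directions are tried because the quote does not say whether "subtract 8" is the encoding or the decoding step.

```python
import re

# Assumption: the article gives no block size, so scan a fixed-length tail.
TAIL_LEN = 256
# Hostnames or dotted-quad addresses in the decoded bytes.
ENDPOINT_RE = re.compile(
    rb"(?:[a-z0-9-]{1,63}\.)+[a-z]{2,24}|(?:\d{1,3}\.){3}\d{1,3}"
)


def shift(data: bytes, delta: int) -> bytes:
    """Add delta to every byte, wrapping modulo 256."""
    return bytes((b + delta) & 0xFF for b in data)


def recover_endpoints(blob: bytes, tail_len: int = TAIL_LEN) -> dict:
    """Decode the file tail in both directions and return {delta: [endpoints]}.

    "Subtract 8" may describe the encoder or the decoder, so +8 and -8
    are both tried; a direction is reported only if it yields endpoints.
    """
    tail = blob[-tail_len:]
    found = {}
    for delta in (8, -8):
        hits = [m.group().decode("ascii")
                for m in ENDPOINT_RE.finditer(shift(tail, delta))]
        if hits:
            found[delta] = hits
    return found


# Constructed sample: filler bytes standing in for the executable, followed
# by a made-up config string encoded by subtracting 8 from each byte.
SAMPLE = b"\xcf\xfa\xed\xfe" + bytes(64) + shift(b"c2.example.test:443\x00", -8)

if __name__ == "__main__":
    for delta, hosts in recover_endpoints(SAMPLE).items():
        print(f"decoded with {delta:+d}: {hosts}")
```

Only the direction that produces well-formed endpoints is reported, which also tells the analyst which way the sample's encoder ran.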

This Trojan intercepted by Kaspersky connects to a C&C server based in China.
