Malware Targets Uyghur Mac OS X Users
The attacks attempt to exploit a Microsoft Word flaw that was patched in 2009.
"Costin Raiu, director of Kaspersky Lab's global research and analysis team, wrote that a number of attacks have been seen directed at the World Uyghur Congress, a Munich-based organization that promotes human rights," writes Network World's Jeremy Kirk. "The attacks, some of which were observed last year, have spiked this year, 'indicating the attackers are extremely active at the moment,' Raiu wrote. In all of the cases, the attack code is embedded within a Microsoft Word document."
"As with some of the previous attacks, the perpetrators of the campaign ... [trick] users into opening booby-trapped Microsoft Word documents that exploit a vulnerability that was fixed in 2009," writes Ars Technica's Dan Goodin. "Those who fall for the ruse and are using out-of-date versions of Word are infected with an off-the-shelf backdoor known as TinySHell. The malware is configured to connect to command and control servers that have been used for years in APT attacks."
"The Uyghur people are no stranger to malicious online attacks," notes Threatpost's Christopher Brook. "Last summer Uyghur Mac users were targeted in an APT campaign that unleashed a MaControl Trojan, 'Backdoor.OSX.MaControl.b,' on their systems. That malware let attackers run commands on the infected computer and allowed attackers access to the victim’s files."