Here’s another reminder that Macs do get malware and you have to protect yourself accordingly. There’s a new piece of malware that installs a nasty backdoor on your Mac via a phishing email that contains a booby-trapped MS Word document. It was discovered by Trend Micro and is linked to a group called OceanLotus, also known as APT32, which has been fingered for attacks against human rights organizations, media organizations, research institutes, and maritime construction firms with a connection to Vietnam. Oh yeah, they’re state sponsored too.
This backdoor is kind of nasty. Once it is installed, malicious files that are downloaded and installed to enable persistence ensure the malware loads at startup. It also collects information relating to the operating system, submits data to the malware’s command and control (C&C) servers, and receives instructions from the malware’s operators. Information sent to the C&C server is both scrambled and encrypted and is decoded on the other side.
Antivirus companies are likely updating their definition files to stop infections. But seeing as the only way this malware can get into your system is if you fall victim to the phishing email, I would say that you should take the advice of Wired so that you don’t become a victim of this or any other phishing-based malware.
This entry was posted on April 9, 2018 at 12:33 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
A New Mac Backdoor Is Out There To Pwn You