A New Mac Backdoor Is Out There To Pwn You

Here’s another reminder that Macs do get malware and you have to protect yourself accordingly. There’s a new piece of malware that installs a nasty backdoor on your Mac via a phishing email that contains a booby-trapped MS Word document. It was discovered by Trend Micro and is linked to a group called OceanLotus, also known as APT32, which has been fingered for attacks against human rights organizations, media organizations, research institutes, and maritime construction firms with a connection to Vietnam. Oh yeah, they’re state sponsored too.

This backdoor is kind of nasty. Once it is installed, malicious files that are downloaded and installed to enable persistence ensure the malware loads at startup. It also collects information relating to the operating system, submits data to the malware’s command and control (C&C) servers, and receives instructions from the malware’s operators. Information sent to the C&C server is both scrambled and encrypted and is decoded on the other side.

Antivirus companies are likely updating their definition files to stop infections. But seeing as the only way this malware can get into your system is if you fall victim to the phishing email, I would say that you should take the advice of Wired so that you don’t become a victim of this or any other phishing-based malware.

