A new trojan malware threat for the Mac has surfaced the Turkic Uighur population in China. The malware masquerades as a JPG image, but also includes a hidden payload that lets attackers view files on the victim’s computers as well as issue remote commands.
New trojan targets Uighur Mac users
The Uighur Mac users targeted by the trojan, which is a variation on MaControl malware, were part of an Advanced Persisten Threat campaign, according to the security firm Kapersky. The malware payload is being distributed as an email attachment that, when opened, installs a backdoor giving attackers access to the victim’s Mac.
“The backdoor allows its operator to list files, transfer files and generally run commands on the infected Mac computer at will,” Kapersky researchers said. “During the analysis of the malware, Kaspersky Lab identified its C&C server, which is located in China.”
A similar attack targeted Tibetan activists earlier this year, and apparently the new MaControl variant has been in the wild for weeks.
As always, avoid websites you aren’t certain you can trust, and don’t open email attachments that come from people and organizations you don’t recognize.