Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Chinese Trojan targets Mac-using Uighur activists

Another suspected Chinese attack

Article comments

Political activists with an interest in Chinese affairs are being targeted once again by a new backdoor Trojan campaign that almost certainly originates in the country, security companies have reported.  

Based on the established MaControl (or MacControl) APT, the targets of the backdoor this time are Uighur activists running Windows and, interestingly, both Intel and old PowerPC-based Apple Macs.

As with previous anti-activist attacks with a Chinese connection, there is nothing unusual about the mechanics of the attack, which arrives in inboxes as a zip attachment containing an image and an application.

Launching the app opens the infected machine to information theft and remote control; the standard gamut of APT malware in other words.

Beyond the fact that Uighur politics (a restive ethnic minority in China's north-west) is of interest to Chinese organisations, the command and control servers are registered inside the country, but there is more; whomever wrote or adapted the malware code added debug in English that included the sort of spelling errors a non-native speaker might make.

“With Macs growing in popularity and their increased adoption by high profile targets, we expect the number of MacOS X APT attacks will also grow,” noted Kaspersky Lab researcher, Costin Raiu, before adding that the Dalai Lama himself – a major target for Chinese nationalists - has recently been spotted using a Mac.

Security firm AlienVault has reported a separate version of the campaign that uses the well-known Gh0st RAT to hit PC users. In March, this was seen in an attack on pro-Tibetan sympathisers that bears some comparisons with the new attack. By May, Gh0st RAT was even being served from the Amnesty International UK website.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *