Forgot your password?
typodupeerror
Security Botnet OS X Apple

MacControl Trojan Being Used In Targeted Attacks Against OS X Users 187

Posted by Soulskill
from the thanks-for-waiting-so-patiently dept.
Trailrunner7 writes "Welcome to the age of targeted attacks, Mac users. Perhaps having grown tired of owning Windows machines around the world for the last few years, attackers have now taken up the challenge of going after Macs with the same kind of targeted attack tactics that have served them so well in the Windows world. Researchers have found a new attack that employs two separate pieces of malware, a malicious Word document and some techniques for maintaining persistence on compromised machines, and the campaign is specifically targeted at Mac users. The command-and-control domain involved in the attack is located in China and the attack exploits a three-year-old vulnerability in the way that Office for Mac handles certain Word files, according to researchers at AlienVault, who discovered and analyzed the attacks."
This discussion has been archived. No new comments can be posted.

MacControl Trojan Being Used In Targeted Attacks Against OS X Users

Comments Filter:
  • by Grishnakh (216268) on Wednesday March 28, 2012 @06:25PM (#39502029)

    Interesting that this Mac exploit only applies to Mac users who use Microsoft Word. Not saying that Macs are ultra-secure, but maybe the malware authors are just going after the low-hanging fruit, which is Microsoft software, regardless of what platform it's installed on.

    Maybe this is how MS will finally put to rest the notion that Linux is more secure than Windows: they'll release MS Office For Linux, which will then open Linux users up to the same level of insecurity Windows users have had forever.

  • by bmo (77928) on Wednesday March 28, 2012 @06:32PM (#39502113)

    Interesting that this Mac exploit only applies to Mac users who use Microsoft Word

    When you include a scripting language in your document spec, expect people to use it.

    Good people and bad people.

    --
    BMO

  • by t4ng* (1092951) on Wednesday March 28, 2012 @06:33PM (#39502141)

    Any OS that can be pwned by an exploit in *any* software running in user mode is insecure. Sorry, but those are the facts.

    The reason for using an exploit in MS-Office is because is one of the most commonly used software products on Macs since its very beginning. So developing an exploit that uses a commonly used software means a better chance of spreading it.

  • by v1 (525388) on Wednesday March 28, 2012 @06:52PM (#39502373) Homepage Journal

    Writing a macro language for your anything that has the ability to silently add/edit the macros in other unrelated documents is just nine kinds of stupid.

  • Re:Microsoft (: (Score:5, Insightful)

    by recoiledsnake (879048) on Wednesday March 28, 2012 @07:20PM (#39502703)

    Now how cool is that. A new threat is found for the Mac platform and it's in a Microsoft product of course.
    It's an improvement on the previous round, though. Last time it was about malware that required you to actually install it :D

    However, it's an interesting counter-point to the commenters who regularly comment(and get modded up to 11) "How about MS fix security in Windows instead of taking down botnets/shipping antivirus etc.). There is no way to secure an OS from application exploits short of iOS style lockdown, which these very commenters would slag as "TAKING AWAY MY FREEEDOMZZZ". Sorry, but blaming Windows holes has become passe, especially after malware for OS X and Android(run on a Linux kernel which we are told is secure compared to Windows) has come out.

  • Re:Microsoft (: (Score:5, Insightful)

    by Nerdfest (867930) on Wednesday March 28, 2012 @07:58PM (#39503063)

    An iOS style lock-down wouldn't help. It could just as easily been another piece of software, they tend to pick those that are widely deployed.

  • Re:Microsoft (: (Score:5, Insightful)

    by mjwx (966435) on Wednesday March 28, 2012 @08:53PM (#39503671)

    There is no way to secure an OS from application exploits including of iOS style lockdown, which these very commenters would slag as "TAKING AWAY MY FREEEDOMZZZ". Sorry, but blaming Windows holes has become passe, especially after malware for OS X and Android(run on a Linux kernel which we are told is secure compared to Windows) has come out.

    Fixed that for you.

    Remember that IOS gets exploited regularly, including remote exploits like JailbreakMe.com.

The superior man understands what is right; the inferior man understands what will sell. -- Confucius

Working...