Kaspersky Labs released a report today about new malware on Mac OS X that spreads itself through zip file attachments. Costin Raiu of Kaspersky Labs said that they were able to “intercept” the new advanced persistent threat, or APT, which uses a new Mac OS X backdoor variant targeted at Uyghur activists. The Uyghurs are a Turkic ethnic group living in Eastern and Central Asia. On Monday this week, a group of Uyghur activists was reportedly beaten up by Chinese police forces while holding a peaceful demonstration.
Raiu believes that the new wave of APT attacks was targeted at a few Uyghur Mac users. Essentially, the attachment lures the Mac user into installing a MaControl backdoor variant that hosts the virus. Inside the virus is an encrypted IP address, reportedly belonging to a command-and-control (C&C) server in China.
If the user installs it, the malware opens a backdoor that allows attackers to run commands on the Mac. Raiu estimates that the number of attacks on Mac OS X will continue to grow, considering the popularity of the platform. His Highness, the Dalai Lama, is considered one of the high-profile Mac users today. “It is no surprise that we are seeing an increase in the number of APT attacks,” Raiu added.