New Delhi: Earlier this year, Macs around the world were infected by a malware called Flashback and it looks like there's another one on the way. Kaspersky Lab has now detected a malware that seems to be targeted at Uyghur activists using Macs. Kaspersky Lab is terming the attack as an APT (advanced persistent threat).
It appears the virus spreads via email. Victims get a mail with a zip file in it, the zip file contains a JPG image and a Mac OS X application. The application present in the zip file is a MaControl backdoor and it infects both i386 and PowerPC Macs.
Once the user runs the application, the virus is connected to a control server on the internet from which it is sent commands. Other operations such as listing and transferring files can also be done. Remote command orders can also be sent from the control server. Kaspersky detects the virus under the alias - Backdoor.OSX.MaControl.b.
Kaspersky Lab has detected that the control server is located somewhere in China, based on the IP address that the backdoor virus contacts. There are also several spelling mistakes found in the comments and debug information. Kaspersky expects these kinds of APT attacks to increase on Macs. Apples products have been secure from worms, viruses and hackers, until now. ...more
11:50 AM, Jul 01, 2012