The increase is further proof that users of any system are vulnerable to hacks.
|One of the pages displayed by a booby-trapped Word document that exploits a vulnerability Microsoft patched in 2009.|
The increased attacks are targeting supporters of the Uyghur people, a Turkic ethnic group who primarily live in a region of China, according to two separate reports independently published by researchers from Kaspersky Lab and AlienVault Labs. They are the latest to document the growing vulnerability of Mac users to so-called advanced persistent threats, which target users over a span of months or years to mine specific proprietary or social information of interest to the attackers.
"With these attacks, we continue to see an expansion of the APT capabilities to attack Mac OS X users," wrote Costin Raiu, director of Kaspersky's global research and analysis team. "In general, Mac users operate under a false sense of security which comes from the years-old mantra that 'Macs don’t get viruses.'"
As with some of the previous attacks, the perpetrators of the campaign documented in Wednesday's reports tricked users into opening booby-trapped Microsoft Word documents that exploit a vulnerability that was fixed in 2009. Those who fall for the ruse and are using out-of-date versions of Word are infected with an off-the-shelf backdoor known as TinySHell. The malware is configured to connect to command and control servers that have been used for years in APT attacks.
Macs have been successfully targeted in a variety of other espionage campaigns, as Ars has reported previously. Last year, commercially motivated malware known as Flashback also infected an estimated 500,000 Macs by targeting a vulnerability in Oracle's Java browser plugin.
Malicious hackers generally only do as much work as necessary to infect their targets, and that may explain why the tools in this campaign are relatively primitive. If the targets are using old systems with no antivirus protection and haven't been trained to avoid e-mail-borne attachments, the perpetrators have little reason to use more valuable firepower. Indeed, attacks that have succeeded for years against Windows users also employ easy-to-defeat techniques. Wednesday's reports are a good reminder that no matter what kind of computer people are using, users are vulnerable to attacks that can completely compromise their personal, business, and social secrets.