Monday, April 29, 2013

Mac malware found in malformed Word documents


Our friends at F-Secure have blogged today about a booby-trapped Word document that appears to be designed to infect computer systems running Mac OS X.

The malicious Word file, examined by the experts in SophosLabs, claims to be about the "6th International Uyghur Women's Seminar & 1st World Uyghur Women's Congress", run by the International Uyghur Human Rights & Democracy Foundation.

The malformed Word documents exploit vulnerabilities to install malicious code on the recipient's computer, while a legitimate-seeming Word file with content relevant to the victim is displayed as a smokescreen.

It's clear that the attack is targeted against Uyghur Mac users, and we have seen similar attacks in the past.

Sophos products detect the malware as OSX/Agent-AADL and Troj/DocOSXDr-B.

The obvious question people are likely to ask is... is China to blame for this attack? After all, we have seen several attacks in the past which have targeted minority groups in the country.

There's no 100% proof connecting this attack with the powers that be in Beijing, but you would be a brave man to bet against it.

All Mac users need to keep in mind that it's important that all computers, regardless of operating system, are properly secured, and to be on their guard against attacks.

Whether or not you're likely to be out of China's good books, there are more and more cybercriminals investigating how they might infect the many Mac computers out there.

It is true that there is much less malware for OS X than there is for Windows, but that's not going to make you feel any better if you end up targeted in an attack like this.

Mac users, just like Windows users, need to ensure that they install the latest security patches and keep their software properly up-to-date.

If you're not already doing so, run anti-virus software on your Macs. If you're a home user, there really is no excuse at all as we offer a free anti-virus for Mac consumers.


  1. Microsoft Office: Just say No.

  2. You can say "no" while the rest of the world says "yes". If you have protection, you can pretty much use whatever application you want. If you're a stupid Mac user without protection, you are an idiotic victim.

  3. True, most people out there in the corporate or home environments want MS Office because they know it, it works very well, it's widely universal and is easy to use. Sure there are free alternatives like Open Office but, like Windows, it's what people want.

  4. Lemmings, all. Stockholm Syndrome, the devil you know, and all that.

  5. I just think that people that buy Apple are simply uninformed. I recently overheard someone say "You can run Photoshop on a PC? I didn't know that." That, plus most of them think they are naturally immune from any cyber attack; it's really very sad.

  6. Talk about being "simply uninformed"… I've known long-time Apple-averse Windows users who were genuinely surprised to discover that Macs could run Adobe and Microsoft programs, and could work with a wide range of standard peripherals. They had been brainwashed by the hater echo chamber into believing that Macs were incompatible with anything other than Apple-branded software and products.

    If Apple owners feel they are immune from cyber attack, it's not hard to understand why. For years, it was the Wintel PCs that were ruthlessly brutalized by malware while Macs remained unscathed. It has only been recently that we have had to worry about such things. Life is still better in Apple land.

    1. First, I hate people who say 'Wintel'. Apple computers use Intel processors in case you were too ignorant to know.

      Second, Macs were only free from malware because nobody cared enough to make malware for them. Hackers and virus makers would rather focus on the platform with the greatest number of users.

      Third, Macs can be hacked, in fact, they can be hacked pretty easily.

      Those are just two of the more memorable moments at pwn2own.

    2. All your deflections and muddying aside, everything I said still stands.

      Pwn2own is an artificial situation and not representative of real world experience. Whether or not Macs are intrinsically safer is not the issue. In practice, people who chose to use a Mac were less troubled by malware. It was a wise decision for them.

  7. Funny story. The PR dept in my firm runs 4 Macs. On Friday, they all seemed to get hit with some kind of malware or virus. Apparently, a lot of data was erased from them including their backup drives. Only one data backup drive survived because it was off at the time. They still have not recovered any of the Macs and the managers keep coming to me for Photoshop work for ads and images for the website. Every time one of them passes my office I let them know my PC is running perfectly fine if they need to borrow it. They haven't passed by as much since I started doing that. Either way, I don't really "hate" Macs but I no longer have to listen to the smug assholes about how great their Macs are. Now I know they never were great at all.

    1. One anecdote doesn't significantly alter the overall statistics in favor of the Mac.

      Finally, even if Macs were attacked as often as Windows computers, they'd still be better in other ways.

  8. Nice try Brett. You keep treating every problem with Apple as an isolated event. Once you pull your head out of the sand (or your ass) maybe then you'll see.