Once again, Apple's OS X is being confronted with a security risk. The latest backdoor has been discovered by Russian security firm Kaspersky Labs and is being used as part of a Advanced Persistent Threat campaign. This is just the latest in a series of security risks present in the Mac OS X operating system.
Kaspersky researchers found that Uyghur activists in China were being targeted by hackers. These hackers sent e-mails with a compromised attachment that was in the form of a JPEG. The code hidden inside the JPEG was a new form of the MaControl backdoor and is compatible with both the PowerPC and i386 Mac variants.
Costin Raiu, Director of Global Research & Analysis at Kaspersky Lab:
Macs are growing in global popularity, even amongst high-profile people. Many choose to use Mac OS X computers because they believe it's safer. However, we believe that as the adoption increases for Mac OS X, so will both mass-infection attacks and targeted campaigns. Attackers will continue to refine and enhance their methods to mix exploits and social engineering techniques to try and infect victims. Just like PC malware, this combination is commonly the most effective and cybercriminals will continue to challenge Mac OS X users' security, both technically and psychologically.
The researchers found that the Command and Control server that the malware was reporting back to was located in China. This suggests that it could be the government trying to keep tabs on these activists. For years, users believed that Mac OS X was safer than Windows. However, with all of these recent outbreaks, people are starting to realize this is not the case.
It had seemed safer because not many hackers targeted Macs due to their low market penetration. Apple has now realized the times and taken down a comment from its website that claimed they weren't susceptible to the same malware that Windows PCs are. Clearly, they are no longer sure this is the case.
Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.