A new trojan horse app called Dockster is targeting Mac users by exploiting a known Java vulnerability CVE-2012-0507. The trojan is apparently being delivered through a website (gyalwarinpoche.com) dedicated to the Dalai Lama and once installed can collect user keystrokes and other personal information.
Mac in Danger ? Earlier this spring, a Russian security firm discovered a trojan piece of malware which took advantage of a Java vulnerability on many computers, Macs and PCs alike. This trojan, known as “Flashback,” was used to enlist some 600,000 infected computers into a botnet.
Malware also provides an interface that allows attackers to download and execute additional malware. Dockster has been found to use the same exploit code as the previous SabPab virus to gain access through a backdoor. Dockster is also said to launch an agent called mac.dockset.deman, which restarts each time a user logs in to their Mac.
Dockster is only the latest Mac-based threat to hit organizations and people sympathetic to Tibet’s conflict with the Chinese government.
In April, another piece of malware, known as “Backdoor.OSX.SabPub,” or “SabPub” was found and distributed through Microsoft Office files sent to those who may sympathize with Tibet. The attackers behind SabPub used a technique known as “Spear-Phishing,” a practice used to target smaller groups of people as opposed to sending out mass emails in hopes that someone will click a link.
In September, security firm AlienVault said it had discovered the creator of the PlugX Remote Access Tool (RAT), which had been used by hackers from various countries to target Tibet. The creator hailed from China.
Mohit Kumar aka ‘Unix Root’ is Founder and Editor-in-chief of ‘The Hacker News’. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. His editorials always get people thinking and participating in the new and exciting world of cyber security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. His all efforts are to make internet more Secure
You must log in to post a comment.