Targeted Pro-Tibetan malware attacks hit Mac OS X users

Summary: According to newly published data, Mac OS X users are just as susceptible to targeted attacks as Windows users are.


According to newly published data, Mac OS X users are just as susceptible to targeted attacks as Windows users are, thanks to the emergence of popular tactics within the cybercrime ecosystem known as localization, market segmentation, and event-based social engineering attacks.

What's particularly interesting about this campaign is that the C&C server used in it was also seen in recent targeted attacks observed by AlienVault Lab.

This is the second Tibet-themed targeted malware attack intercepted in March 2012, following the one researchers from AlienVault Lab uncovered earlier this month.

The malware is currently detected as TROJ_MDROPR.LB.

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

  • ZD-Net targeted with BS headlines.

    Your headline s*cks. It is VERY MISLEADING AND INCOMPLETE, AS USUAL.
    Your headline should read: "Targeted Pro-Tibetan malware attacks hit Mac OS X Tibetan NGOs", NOT "Mac OS X Users" as this implies all users in general. And you should include in the text that if you are a Tibetan NGO, you have to open an attached Word file from someone suspicious you didn't solicit, DUH, like anyone would do that. Malware isn't society's only problem, stupid copywriters also top the list.
  • Help us assess the threat

    When writing about malware, give some useful data so informed people can be protected.

    1) What steps do you as the user have to take to infect yourself?
    2) Is it currently recognized by OS X's built-in malware utility?
    3) Do you need anything loaded to make you vulnerable?

    If we know these things we can assess our risks and be safe. Or you can just keep yelling the sky is falling! and we can all run around stupid.
    • It's in all likelihood a trojan

      because all attacks on Macs have been just that.
      Note though how careful they are to call it malware, which it actually is too, but that's less specific and some people might think it's more serious than Windows trojans which actually are worms or viruses but are called trojans just to downplay the seriousness on the Windows platform.

      The Windows specific ZeuS virus is spreading like fire on the web and that too is described as a trojan when it's actually a drive-by infection.
      You see, the antivirus software makers are on a fishing trip to get Mac customers. Don't buy their crap!
  • Headinthesanditis

    jmgzifras suffers from it. Instead of putting the messenger on blast why not ask the questions DougPetrosky is asking? Instead you act like this affects only Mac OS X Tibetan NGOs when it could affect anyone who has a Mac and is either gullible, does not have their malware utility updated, or believes - as the Mac Store Geniuses like to claim - that the Mac is completely invulnerable to malware. Fact is old boy that while Macs are quite invulnerable to viruses they are vulnerable to trojans. But don't let the facts stop you from being a jackwagon to the messenger...