Spear-phishing campaign targeting Uyghurs used Microsoft vulnerability
Hacktivists have been luring Uyghurs and their supporters on Mac OS X to open e-mails with documents exploiting the MS09-027 vulnerability in Microsoft Office, which installs a backdoor allowing remote access.
A spear-phishing campaign against the Uyghur people has been uncovered whereby malicious e-mails leverage a security hole in Microsoft Office for Mac OS X to create a backdoor.
According to research by Kaspersky Labs and AlienVault on Wednesday, spear-phishing e-mails and highly targeted booby-trapped messages had been sent to Uyghurs or their supporters using Mac computers. The Uyghurs are an ethnic group living mostly in Eastern and Central Asia, primarily in the Xinjiang Uyghur Autonomous Regionin China, who have long been seeking independence. The e-mails had contained .doc files which exploited the MS09-027 vulnerability in Microsoft Office for Mac. This security hole allows miscreants to execute malicious code on the victim's unpatched machine when the document is opened.
File names had included "Concerns over Uyghur People's Fundamental Rights Under the New Chinese Leadership" and "Press Release on Commemorat Day of Mourning". When successfully opened, the attack installs a backdoor on the compromised Apple Mac, enabling hackers to remotely control the computer and spy on its user's activities.
Most attacks had taken place during 2012, but there had been a significant spike in the number of attacks during Jan 2013 and Feb 2013, Kaspersky Labs noted.