Mac OS X Backdoor Delivered Via Exploit Hits Asian Activists
A bug in the Mac OS X version of the Microsoft Office suite has been used to spy on the cyber-habits of some Asian activists militating against the Chinese government.
This highly targeted attack uses a specially crafted document delivered via email – if opened, the malicious document drops and installs a backdoor application on the victim’s Mac computer that gives an attacker control of the system.
The document exploits a vulnerability known as CVE-2009-0563, which affects Microsoft Office for Mac 2004 and 2008, among others, and was still unpatched on the victims’ machines. Though the flaw has been known since 2009 and a patch is readily available, Apple users in the Uyghur community have still fallen for the trick, as they likely did not apply the fixes.
Nowadays, highly targeted attacks from rival states or governments usually rely on zero-day flaws to pierce system security and fall back on different, older CVEs if the first exploitation mechanism fails, because attackers know they only have one shot and a second attempt will raise the victim’s suspicion. This attack used a Word buffer overflow vulnerability that has been known for years and that could have been easily plugged by deploying the fix.
Which brings us to the real issue: the general perception of Macs is that they are invulnerable to malware, so there is no need for a security solution on the machine. While Macs are less exposed to malware because of their limited market share, they are not magically immune. On the contrary, in the absence of a security solution, the average user can fall victim to the most ridiculous bugs in third-party software, such as this four-year-old bug.
We offer a free antivirus solution for your Mac that can be downloaded directly from the Apple Store.