Mac OS X Backdoor Delivered Via Exploit Hits Asian Activists

A bug in the Mac OS X version of the Microsoft Office suite has been used to spy on the cyber-habits of some Asian activists militating against the Chinese government. 

This highly-targeted attack uses a specially-crafted document delivered via email – if opened, the malicious document drops and installs a backdoor application on the victim’s Mac computer that gives an attacker control of the system.

The document exploits a not-yet-patched vulnerability known as CVE-2009-0563 that affects Microsoft Office for Mac 2004 and 2008, among others. Though the flaw has been known since 2009 and a patch is readily available, Apple users in the Uyghur community have still fallen for the trick, as they likely did not apply the fixes.

Nowadays, highly targeted attacks from rival states or governments usually rely on zero-day flaws to pierce system security and use different, older CVEs as a backup if the first exploitation mechanism fails, because attackers know they only have one shot and a second attempt will raise the victim’s suspicion. This attack, however, used a Word buffer overflow vulnerability that has been known for years and that could have been easily plugged by deploying the fix.

Which brings us to the real issue: the general perception of Macs is that they are invulnerable to malware, so there is no need for a security solution on the machine. While Macs are less exposed to malware because of their limited market share, they are not magically immune. On the contrary, in the absence of a security solution, the average user can fall victim to the most ridiculous bugs in third-party software, such as this four-year-old bug.

We offer a free antivirus solution for your Mac that can be downloaded directly from the Apple Store.

About The Author

Senior E-Threat Analyst

Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.

Comments (2)

  • persephone

    “The document exploits a not-yet-patched vulnerability known as CVE-2009-0563 that affects Microsoft Office for Mac 2004 and 2008, among others. Though known since 2009 and a patch is readily available, [..]”

    So the patch is available or not?
