New variant of Mac Trojan discovered, targeting Tibet

It's true to say that there's a lot, lot less malware in existence for Macs than there is for Windows PCs. But that doesn't mean that it doesn't exist at all.

And clinging onto the statistics of the much smaller proportion of Mac malware compared to Windows malware is going to be cold comfort if your Apple Mac is the one which ends up getting infected.

The latest Mac malware seen by the experts at SophosLabs is a new variant of the OSX/Imuler Trojan horse. Earlier variants of the OSX/Imuler malware have been spread via topless photos of a Russian supermodel or embedded deep inside boobytrapped PDF files.

This time, it appears that a version of the Imuler Trojan has been used in a targeted attack against sympathisers of the Dalai Lama and the Tibetan government, as the malware appears to have been packaged with images of Tibetan organisations.

If your Mac is successfully infected by malware like this, you have effectively given remote control of your computer and your data to an invisible and unknown party. They could steal files from your Mac, spy on your emails, and plant further malware onto your systems.

(It will be left as an exercise to the reader to come up with a shortlist of who might have an interest in breaking into the computers of Tibetan organisations).

Customers of Sophos, including users of Sophos's free anti-virus for Mac, are protected against the malware which has been detected as a variant of the OSX/Imuler-B backdoor Trojan since the early hours of 11th November 2012.

Users of other Mac anti-virus products may be wise to check with their vendors if they are protected.

This new malware variant may not be widespread - but it is another indication that the malware threat on Macs is real, and should not be underestimated.

One Response to New variant of Mac Trojan discovered, targeting Tibet

  1. Nigel · 709 days ago

    "(It will be left as an exercise to the reader to come up with a shortlist of who might have an interest in breaking into the computers of Tibetan organisations)."

    Hmmm...let's see, now --- which communist nation that is the most populous in the world has been committing human and cultural genocide in Tibet since 1950, and calling it "liberation"...? Don't tell me...something to do with rewriting history...and their notoriously bloodthirsty leader's name rhymed with "Chairman Cow"...ah, well, I'm sure I'll figure it out.

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.