New OSX malware targets Tibetan activists

Users of Apple computers running OS X were warned this week against a new variant of the OSX/Imuler malware that targets Tibetan activists but can allow an attacker to control an infected machine.

 

Security firm Intego said OSX/Imuler.E disguises itself as group photos of Tibetan organizations, as a social engineering bait.

 

"Like previous variants, once the Trojan is active, Imuler calls home to await further instructions. The Trojan survives reboot until the malicious files are removed," Intego said in a Nov. 12 blog post.

 

It steals information by searching the system for user data and taking screenshots.

 

The stolen data is then uploaded to the controller’s server, even as the malware creates a unique identifier for the specific Mac.

 

Also, the backdoor allows new files to be downloaded onto an affected system.

 

Intego said the backdoor Trojan family was first discovered in September 2011 disguised as a Mac PDF Trojan horse.

 

The malware targets activist organizations with emails claiming to contain pictures.

 

"Each variant has tried different tactics, either trying to scare or entice their target into opening the file," Intego said.

 

Intego said its VirusBarrier antivirus product can detect the Trojan. — TJD, GMA News