Two security vendors have detected an uptick in targeted malicious software attacks against the Uyghur community, an ethnic group in western China that has long campaigned for greater independence from Beijing.
The attacks have been engineered to target Uyghur supporters using Apple's Mac OS X operating system. Costin Raiu, director of Kaspersky Lab's global research and analysis team, wrote that a number of attacks have been seen directed at the World Uyghur Congress, a Munich-based organization that promotes human rights.
The attacks, some of which were observed last year, have spiked this year, "indicating the attackers are extremely active at the moment," Raiu wrote.
In all of the cases, the attack code is embedded within a Microsoft Word document. If the document is opened, the attack code exploits a Word vulnerability (CVE-2009-0563) patched by Microsoft in June 2009, Raiu wrote.
If the attack is successful, a malicious software program known as a "backdoor" is delivered, which is capable of stealing the user's personal contacts. The malware then contacts two servers.
"Both servers are hosted at 'Black Oak Computers Inc.,' which is a well known bullet-proof hosting provider that ignores pretty much all shutdown requests," Raiu wrote.
Potential victims are often tricked by so-called spear phishing attacks, which involve sending emails targeted at specific people with malicious attachments that they're likely to open.
Jamie Blasco, director of AlienVault Labs, wrote that attackers copied some of the company's research into spear phishing and used it as a lure in attacks against Tibetan NGOs. AlienVault worked with Kaspersky on the latest research.
Raiu advised that Mac users should not feel a greater sense of security just because they are using Apple products. In prior years, Apple ran an advertising campaign that in part promoted the idea that Apple systems are immune from the malware problems that have plagued Windows.
"Mac users are definitively not immune against malware," Raiu wrote. "And especially with targeted attacks against Mac users on the increase, we can expect more malware and exploits designed to infect Mac OS X."
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.