Mac Backdoor Used in Campaign Targeting Chinese Dissidents

Mac OS X backdoor distributed by email-based attack campaign targeting Uighur activists.
By Lucian Constantin
News Jul 2nd 2012

A new Mac OS X backdoor is being distributed as part of email-based attacks against Uighur activists, according to security researchers from antivirus firm Kaspersky Lab.

The Uighur are a Turkic ethnic group living primarily in the Tarim Basin in the Xinjiang Uighur Autonomous Region of China. As is the case with Tibet, there is an international activist movement that calls for the independence of this region and an end to alleged human rights violations against Uighurs in China.

An advanced persistent threat (APT) campaign targeting Uighur activists was detected on June 27, Costin Raiu, director of Kaspersky's global research and analysis team, said in a blog post on Friday.

The campaign consisted of rogue emails written in Uighur and accompanied by a ZIP file attachment. The ZIP archive contained a new version of a Mac OS X backdoor called Macontrol that supports both i386 and PowerPC Macs, Raiu said.