New malware dropper targets OSX systems, from Trend Micro;

Wednesday, March 28th 2012. | Internet News

TrendMicroA new malware dropper attack is specifically targeting computers running Apple Inc.’s Mac OSX operating system, a computer security firm warned Thursday (Manila time).

Trend Micro said the malware, which its products detect as TROJ_MDROPPER.LB, is a MAC RAT/backdoor being used in Pro-Tibetan targeted campaigns.

“In investigating the campaign, we found that the C&C (command and control) being used in this particular attack is the same C&C we also saw being used by one of the Gh0stRat payloads in the series of Pro-Tibetan targeted attack campaigns we are seeing recently,” it said in a blog post.

A screenshot of the email carrying the malware as posted on Trend Micro’s blog site showed the email message called for freedom in Tibet.

Trend Micro said one of the routines executed by TROJ_MDROPPER.LB is to drop and open a non-malicious .DOC file, to trick the user that they’ve opened a normal file.

“This development in targeted attacks just shows that the groups behind campaigns such as this one are taking into consideration changes in the computing landscape, such as the increase in the number of Mac users. This adjustment to affect Macs also shows that they are refining their scope, and are really customizing their tools to suit their targets,” it said.

“In this light, and knowing that the MAC OSX arena has seen in its fair share of threats increasing, it is advisable to be aware that MAC OSX can also be targeted, and seen as a new playing field for these groups behind targeted attacks and APTs to further their agenda,” it added.

Related For New malware dropper targets OSX systems, from Trend Micro;