“A new backdoor which affects the Apple Mac operating system has been discovered by researchers which claim there is a link to the OceanLotus threat group,” Charlie Osborne reports for ZDNet. “The backdoor, identified as OSX_OCEANLOTUS.D, targets MacOS systems which have the Perl programming language installed.”
“Trend Micro believes the backdoor is the work of OceanLotus, also known as SeaLotus and Cobalt Kitty,” Osborne reports. “OceanLotus has been linked to attacks against human rights organizations, media organizations, research institutes, maritime construction firms, and other corporate targets.”
“According to ESET, OceanLotus is likely operating out of Asia and has set its sights not only on high-profile Vietnamese targets, but corporate and government groups based in the Philippines, Laos, and Cambodia,” Osborne reports. “Volexity has worked with a number of human rights and civil society organizations in these areas which appear to have all been targeted by the threat actors since 2015.”
MacDailyNews Take: Trend Micro says:
The MacOS backdoor was found in a malicious Word document presumably distributed via email. The document bears the filename “2018-PHIẾU GHI DANH THAM DỰ TĨNH HỘI HMDC 2018.doc,” which translates to “2018-REGISTRATION FORM OF HMDC ASSEMBLY 2018.doc.” The document claims to be a registration form for an event with HDMC, an organization in Vietnam that advertises national independence and democracy.
Malicious attacks targeting Mac devices are not as common as its counterparts, but the discovery of this new MacOS backdoor that is presumably distributed via phishing email calls for every user to adopt best practices for phishing attacks regardless of operating system.
End users can benefit from security solutions such as Trend Micro Home Security for Mac, which provides comprehensive security and multi-device protection against cyberthreats. Enterprises can benefit from Trend Micro’s Smart Protection Suites with XGen™ security, which infuses high-fidelity machine learning into a blend of threat protection techniques to eliminate security gaps across any user activity and any endpoint.