Kaspersky Lab has uncovered a new backdoor for Mac OS X that is being used as part of an Advanced Persistent Threat campaign. Experts say it is a new and previously unknown variant of the MaControl backdoor, affecting both i386 and PowerPC Macs.
The backdoor lands on machines via e-mails containing a malicious attachment, often disguised as a .jpeg file. Once the code has been executed, it connects to a command-and-control server that lets its author run commands and open files on the infected system. The security lab was able to determine that the control server was located in China. Furthermore, the infection was said to originally target Uyghur activists in this region.
This threat is the latest in a growing number of attacks against Apple users. In April, the Flashback malware made headlines as it infected over 600,000 systems worldwide. More than half of those infections occurred in the US.
For many years it was believed that Macs weren’t vulnerable to the same types of attacks that had plagued Windows users, but now we know that isn’t true. The reality, however, is that Macs weren’t as popular as they are now, and there wasn’t enough motivation for hackers to target Apple systems.
As one could imagine, these outbreaks and the subsequent negative press aren’t doing much to help Apple’s reputation as being invincible to viruses and malware. In fact, Kaspersky CEO Eugene Kaspersky recently said that the Mac is at least 10 years behind Microsoft with regard to security.