New 'Dockster' malware targets Apple computers
The basic trojan has been found on a website dedicated to the Dalai Lama, according to security vendor Intego
IDG News Service - A new piece of malicious software targeted at Apple users has been found on a website dedicated to the Dalai Lama, but one security vendor is labeling it as low risk.
The malware, nicknamed "Dockster," is a backdoor that allows an attacker to control the victim's computer, record keystrokes and export files, according to Intego, which sells security software for Macs.
Dockster tries to infect computers by exploiting a vulnerability in Java, CVE-2012-0507. The vulnerability is the same one used by the Flashback malware, which first appeared around September 2011 and infected as many as 800,000 computers via a drive-by download. Flashback was used to fraudulently click on advertisements in order to generate illicit revenue in a type of scam known as click fraud.
Apple patched the vulnerability in Java in early April and then undertook a series of steps to remove the frequently targeted application from Macs. Apple stopped bundling Java in the 10.7 version of its Lion operation system, which continued with the company's Mountain Lion release. In October, Apple removed older Java browser plug-ins in a software update.
Intego wrote that Dockster was uploaded on Friday to VirusTotal, a website that tests malware samples against a variety of security software programs to see if the malicious programs are detected. Dockster has also been found "on a website dedicated to the Dalai Lama that has been compromised," Intego wrote.
The website, which has also been targeted before by hackers, had also been set up to deliver an exploit for Windows, wrote security vendor F-Secure in its writeup. Websites sympathetic to the plight of Tibet have frequently been targeted by hackers.
In 2009, security researchers analyzed computers belonging to Tibet's government in exile, Tibetan nongovernmental organizations (NGOs) and the private office of the Dalai Lama, which were concerned about the leak of confidential information. They found the computers had been infected with malicious software that allowed remote hackers to steal information, part of a botnet they dubbed "GhostNet."
Send news tips and comments to email@example.com. Follow me on Twitter: @jeremy_kirk
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts