A Muslim minority living in China’s far west has become the target of malware attacks that take advantage of a security hole in the Mac version of Microsoft Office.
Costin Raiu of computer security firm Kaspersky Labs posted a report on SecureList, in conjunction with AlienVault Labs, that indicated members of the Muslim Uyghur ethnic group using Apple’s Mac OS X are suffering an increasing number of cyberattacks.
As long ago as last June, Uyghur groups were noted to have been targeted, and the problem appears to have worsened recently.
“During the past months,” Raiu wrote, “we’ve monitored a series of targeted attacks against Uyghur supporters, most notably against the World Uyghur Congress... Although some of these attacks were observed during 2012, we’ve noticed a significant spike in the number of attacks during Jan 2013 and Feb 2013, indicating the attackers are extremely active at the moment.“
The attacks apparently use poisioned Microsoft Word documents to exploit a Microsoft Office vulnerability.
Victims are targeted via email, with messages that appear to include a relevant attachment, sometimes a Word document entitled “Concerns Over Uyghur People’s Fundamental Rights Under The New Chinese Leadership,” other times masquerading as a white paper.
When the victim clicks on the attachment, the malware installs a backdoor on the target machine, giving whoever is perpetrating these attacks full remote access to the machine.
Last year, prior to the Uyghur attacks, Kaspersky discovered Mac OS X vulnerabilities being exploited against Tibetan activists.
The fact that both Tibetan and Uyghur activists are critical of the Chinese government does not prove the hackers are Chinese, but it is certainly a possibility.
Photo by Ricky Qi/Flickr