The Hacker News Logo
Subscribe to Newsletter

Chinese Government targets Uyghur group by malware attack

An old vulnerability in Word for OS X is being used in increasing levels of attacks, probably government-sponsored hacking programs against Uyghur group, including Tibetans, NGOs and human rights organizations.

A number of attacks have been seen directed at the World Uyghur Congress, a Munich-based organization that promotes human rights. Potential victims are often tricked by so-called spear phishing attacks, the targets receive an e-mail with a subject relevant to their interests, and a Word document attached. 
When they open the document, TinySHell exploits a vulnerability and then infects the computer. Exploit allows long-term monitoring or even control of the compromised system though a backdoor it installs. The malware is configured to connect to command and control servers that have been used for years in APT attacks.

All the attacks use exploits for the CVE-2009-0563 (Microsoft Office) vulnerability and The backdoor also includes hard-coded functionality to pull down an arbitrary executable from the C2s.

Kaspersky recommend users to Update all software (especially Word) that you have on your computer and to use Chrome or other browsers that include fraud-detection features.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.