Researchers at Trend Micro are warning of the latest incarnation of a backdoor trojan horse that has been used in the past to target Mac users.
The Ocean Lotus gang, also known as APT 32, has previously been linked to the Vietnamese government and watering hole attacks that compromised websites belonging to the likes of Camodbia’s Ministry of Defence, and various Vietnamese online newspapers and blogs.
One theory is that some of the the malware attacks may have in the past been designed to assist local industry competing with foreign competitors.
According to Trend Micro, this new incarnation of the Open Lotus Mac malware appears to target Vietnamese users – using the icon of a Word document with a Vietnamese filename as a disguise, but in reality being an app bundled in a Zip archive.
Apparently the file’s title (“tìm nhà Chị Ngọc”) roughly translates to “find Mrs. Ngoc’s house”
No, I don’t understand the relevance of that either, but I’m presumably not the person they’re targeting.
Upon launching the file, a Word document is displayed as a decoy while other malicious operation take place unnoticed by the user.
Once in place the malware can download additional code, and be remotely controlled by hackers to steal files and other information from the targeted Mac computer.
Sadly, many Mac users remain oblivious to the very real malware threat which exists for their operating system.
It’s true to say that there is a lot less Mac malware than there there is for the Windows platform, but that does not mean that it does not exist at all – and you won’t be feeling too smug if you’re unlucky enough to be hit by a backdoor trojan like Open Lotus.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.