Feb 14, 2013

East Turkestan: Government Hacks Uyghur Mac Users

The Chinese government uses Apple computers’ weaker resistance to malware in order to conduct cyber-attacks targeting the Uyghurs and other groups.

Below is an article published by I Tech Post:


The cyber-attacks against Uyghur users on Macs are another incident in the long string of probably government-sponsored hacking programs against several groups, including Tibetans, NGOs and human rights organizations.


AlienVault Labs and Kaspersky released two reports detailing spearphishing schemes targeted at Mac users who support the Uyghur people. The targets receive an e-mail with a subject relevant to their interests, and a Word document attached. When they open the document, TinySHell exploits a vulnerability (that has been fixed since Microsoft Office Word 2003 Service Pack 3 was released in 2009), then infects the computer and allows long-term monitoring or even control of the compromised system through a backdoor it installs.


Fortunately for most Mac users, the spearphishing attempts are crude (there are several telltale signs that you are being phished). Additionally, the most vulnerable computers are ones that have not been updated and whose users do not keep up with security patches.


Kaspersky offers a list of recommendations to keep Macs secure. Using a Gmail account will provide advance warning against state-sponsored attacks and employ defense mechanisms that are not available on other free e-mail services. Updating to the latest version of Microsoft Office, installing anti-malware programs, using Google Chrome and even consulting the friend who allegedly sent the e-mail will also help in preventing attacks.


The methods in this instance are unpolished, but that does in many ways make sense for the government: if a cheaper, more basic and less resource-intensive strategy can achieve the ends, why use a more expensive or sophisticated program? Of course, given the recent attacks on the New York Times and previous attempts to infiltrate Google, the Chinese government has proven itself capable of harnessing more advanced techniques to exploit systems it finds undesirable.


"With these attacks, we continue to see an expansion of the APT capabilities to attack Mac OS X users," Kaspersky's report concluded. "In general, Mac users operate under a false sense of security which comes from the years old mantra that ‘Macs don’t get viruses’."