Apple Mac Devices Are Being Affected By A New Malware Meant To Spy And Steal Information


If you are a MacBook user, then beware! There’s a new form of malware doing the rounds on the internet and specifically targeting Apple’s macOS.

Let’s dig in and learn more about it.

According to analysts from Trend Micro, a cybersecurity firm, the malware is a part of a campaign which has been found to be linked to a hacking group called OceanLotus (alternatively APT32). The group reportedly has ties with the Vietnamese government as well.


This particular group of threat actors is notorious for targeting various foreign companies based in Vietnam operating in the fields of media, research and construction. However, in this case of targeting Apple macOS, their ambition isn’t fully known.

The analysts from the cybersecurity firm believe that OceanLotus is using this malware for espionage purposes in order to aid Vietnamese-owned businesses. Using the macOS backdoor, the attackers can gain access to an infected machine, which then enables them to steal all kinds of confidential and sensitive information from the device.

Trend Micro’s analysts were able to link the malware to OceanLotus (APT32) because they spotted many similarities between the backdoor’s code and behaviour and tools the hacking group used in its previous campaigns.

So, how does the macOS backdoor malware infect a device?

It all begins with mass-sent phishing emails which encourage potential victims to run a Zip file often disguised as a Word (.docx) file. After a user runs it, the malware uses special characters deep inside the zip folders to avoid getting detected by antivirus scanners and finally ends up infecting the device.
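
A mail gateway or analyst can check an attachment for this kind of disguise before anyone opens it. The Python code below is an added example, not code from Trend Micro or from the campaign; the extension list, the choice of Unicode categories and the sample archive are assumptions constructed for illustration.

```python
import io
import unicodedata
import zipfile

# Assumed list of document extensions an attachment may pretend to have.
DOC_EXTS = (".doc", ".docx", ".pdf", ".xls", ".xlsx")
# Unicode categories that render as nothing or as a placeholder glyph:
# control, format, private use, unassigned.
HIDDEN = {"Cc", "Cf", "Co", "Cn"}


def audit_zip(data):
    """Return (entry, component, reason) for each suspicious path component."""
    findings, seen = [], set()
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            for comp in info.filename.split("/"):
                if not comp or comp in seen:
                    continue
                seen.add(comp)
                hidden = [c for c in comp if unicodedata.category(c) in HIDDEN]
                if not hidden:
                    continue
                reason = "hidden characters " + ",".join(
                    f"U+{ord(c):04X}" for c in hidden)
                # What a file browser would show once those are dropped.
                shown = "".join(c for c in comp if c not in hidden).lower()
                if shown.endswith(DOC_EXTS) and not comp.lower().endswith(DOC_EXTS):
                    reason += "; reads as a document only when they are not shown"
                findings.append((info.filename, comp, reason))
    return findings


def build_sample():
    """Constructed archive: one folder name hides U+200B inside '.docx'."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.\u200bdocx/data.bin", b"constructed sample")
        zf.writestr("invoice.\u200bdocx/more.bin", b"constructed sample")
        zf.writestr("notes/readme.txt", b"clean entry")
    return buf.getvalue()


if __name__ == "__main__":
    for entry, comp, reason in audit_zip(build_sample()):
        print(f"{entry!r}: {comp!r} -> {reason}")
```

Names stored without the ZIP UTF-8 flag are decoded by Python as CP437, so an archive built that way needs its raw name bytes inspected as well.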


Now, even though the macOS backdoor is advanced enough to trick malware detection software, it cannot fool a trained eye. Users who pay attention when they run the supposed Word file can easily spot that no document actually appears.

However, by this stage it is already too late for the user: an initial payload has started working on the device and changes access permissions to load a second-stage payload, which then repeats the same task so that a third-stage payload can be installed. After this series of events takes place, the backdoor slides into the system very easily and OceanLotus’s malware evades all forms of detection.

The analysts from Trend Micro noted that this newly updated malware, in many ways, works similarly to the older versions of the malware.

Also, the objective of the hacking group has always remained the same. By installing the malware onto a victim’s device, the threat actors aim to collect system information and download files along with uploading additional malicious software to the system if required.

According to Trend Micro’s researchers, variants of the malware are still being actively developed so that the backdoor can persist without being detected for longer durations.

Thus, what can you do to make sure you avoid getting your device infected in the first place?

Well, it is fairly easy. Users need to be cautious about clicking links or downloading suspicious attachments in emails sent by unknown sources. Along with that, Trend Micro also suggests that users apply every available security patch and other related updates, because that will ensure the OS is better able to tackle known vulnerabilities.

