Mac users warned of more Ocean Lotus malware targeted attacks • Graham Cluley


Researchers at Trend Micro are warning of the latest incarnation of a backdoor trojan horse that has been used in the past to target Mac users.

The Ocean Lotus gang, also known as APT 32, has previously been linked to the Vietnamese government and watering hole attacks that compromised websites belonging to the likes of Camodbia’s Ministry of Defence, and various Vietnamese online newspapers and blogs.

One theory is that some of the the malware attacks may have in the past been designed to assist local industry competing with foreign competitors.

Sign up to our newsletter
Security news, advice, and tips.

According to Trend Micro, this new incarnation of the Open Lotus Mac malware appears to target Vietnamese users – using the icon of a Word document with a Vietnamese filename as a disguise, but in reality being an app bundled in a Zip archive.

Apparently the file’s title (“tìm nhà Chị Ngọc”) roughly translates to “find Mrs. Ngoc’s house”

No, I don’t understand the relevance of that either, but I’m presumably not the person they’re targeting.

Upon launching the file, a Word document is displayed as a decoy while other malicious operation take place unnoticed by the user.

Once in place the malware can download additional code, and be remotely controlled by hackers to steal files and other information from the targeted Mac computer.

Sadly, many Mac users remain oblivious to the very real malware threat which exists for their operating system.

It’s true to say that there is a lot less Mac malware than there there is for the Windows platform, but that does not mean that it does not exist at all – and you won’t be feeling too smug if you’re unlucky enough to be hit by a backdoor trojan like Open Lotus.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.



Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media…

Source…