Dockster Mac Malware Planted on Website Dedicated to Dalai Lama

The malicious element uses a Java-based exploit to infect computers

  gyalwarinpoche.com compromised and set up to serve Mac malware
Researchers from security firm F-Secure have identified a new Mac malware planted on a website dedicated to Dalai Lama (gyalwarinpoche.com).

Researchers from security firm F-Secure have identified a new Mac malware planted on a website dedicated to Dalai Lama (gyalwarinpoche.com).

The malicious element, Dockster, uses a Java-based exploit which leverages the same vulnerability as the notorious Flashback.

Once it finds itself on a computer, Dockster drops a backdoor identified as Backdoor:OSX/Dockster.A, which allows the attacker to download arbitrary files and log keystrokes.

According to experts, the latest versions of Mac OS X are not affected by this malware. Furthermore, internauts who have disabled their Java browser plugins should also be safe.

Mac users aren't the only ones who should refrain from visiting this website. Researchers reveal that it also hosts a Windows payload identified as Trojan.Agent.AXMO.

gyalwarinpoche.com is not the official Dalai Lama website, but it has been around since 2009/2010. This makes it perfect for campaigns that target Tibetan users and the members of Tibetan NGOs.

Last month, experts uncovered a new version of the Imuler OS X Trojan being utilized in a similar campaign.

Comments