Criminals Exploit Microsoft Office Flaws to Attack Uyghur Mac Users
Security firms Kaspersky and AlienVault have teamed up to analyze an interesting spear phishing campaign that’s aimed at Uyghur users. Attacks against this community are not uncommon, but it appears that cybercriminals are not willing to give up just yet.
The attackers rely on maliciously crafted Microsoft Word documents which exploit a vulnerability that affects Microsoft Office for Mac. The security hole in question was addressed by Microsoft in the summer of 2009, but it appears it can still be used successfully in targeted attacks.
The documents are entitled something like this:
- WUC Hacking Emails.doc
- Concerns over Uyghur People.doc
- Jenwediki yighingha iltimas qilish Jediwili.doc
- Press Release on Commemorat the Day of Mourning.doc
- The Universal Declaration of Human Rights and the Unrecognized Population Groups.doc
- Deported Uyghurs.doc
- Kadeer Logistics detail.doc