Hackers Are Exposing An Apple Mac Weakness In Middle East Espionage
Apple Macs are rarely the target of digital espionage. But in recent years, a mysterious hacker crew called WindShift has targeted specific individuals working in government departments and critical infrastructure across the Middle East. And they’re exploiting weaknesses believed to affect all Apple Mac models.
That’s according to United Arab Emirates-based researcher Taha Karim, who said the targets were located in the so-called Gulf Cooperation Council (GCC) region. That encompasses Saudi Arabia, Kuwait, the UAE, Qatar, Bahrain and Oman. The targets were sent spear-phishing emails containing a link to a site run by the hackers. Once the target clicked on the link, an attack would launch, the eventual aim of which was to download malware dubbed WindTale and WindTape.
Karim, a researcher at cybersecurity company DarkMatter, said the attackers had found a way to “bypass all native macOS security measures.” Once they’d penetrated those defenses, the malware would exfiltrate documents of interest and continuously take screenshots of the victims’ desktops. The attacks have been ongoing since 2016 and continue today, the researcher added.
Karim declined to say what kinds of critical infrastructure had been targeted and would name neither specific countries nor victims. He’s presenting his full findings on Thursday at the Hack In The Box conference in Singapore.