Researchers at Trend Micro are warning of the latest incarnation of a backdoor trojan horse that has been used in the past to target Mac users.
The Ocean Lotus gang, also known as APT 32, has previously been linked to the Vietnamese government and watering hole attacks that compromised websites belonging to the likes of Camodbia’s Ministry of Defence, and various Vietnamese online newspapers and blogs.
One theory is that some of the the malware attacks may have in the past been designed to assist local industry competing with foreign competitors.
Sign up to our newsletterSecurity news, advice, and tips.
According to Trend Micro, this new incarnation of the Open Lotus Mac malware appears to target Vietnamese users – using the icon of a Word document with a Vietnamese filename as a disguise, but in reality being an app bundled in a Zip archive.
Apparently the file’s title (“tìm nhà Chị Ngọc”) roughly translates to “find Mrs. Ngoc’s house”
No, I don’t understand the relevance of that either, but I’m presumably not the person they’re targeting.
Upon launching the file, a Word document is displayed as a decoy while other malicious operation take place unnoticed by the user.
Once in place the malware can dow ..