Mac Malware Signed With Apple Developer ID Targets African Activist

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Genuine Apple developer ID used in attacks on Angolan activist

Malware targeting Mac systems signed with a valid Apple developer ID has been uncovered in attacks aimed at a political dissident’s machine.

Tor Project contributor and privacy activist Jacob Appelbaum discovered the backdoor on a Mac belonging to an activist from Angola. Further details on the activist have not been revealed, as researchers are concerned for their safety. Appelbaum said they were targeted by a spear phishing attack.

Online surveillance © - Fotolia.comMalware hitting global activists

Details emerged at the Oslo Freedom Forum, where the primitive piece of malware was discovered to pilfer screenshots and attempted to contact two different command and control servers.

The attacker used the Apple ID, which they either own or acquired by some other means, to get past Apple’s Gatekeeper protection, which shows a warning if unsigned applications are about to run.

The attack is the latest in a growing number of documented attacks on activists. Last month saw yet more malware targeting Tibetan activists, this time with malicious software aimed at Google’s Android OS.

UK-firm Gamma International and Italy’s Hacking Team have both faced criticism after their surveillance software was found targeting anti-government protesters in various countries with poor human rights records. Neither can say who their customers are, although claim to have safeguards to protect against misuse.

What do you know about Internet security? Find out with our quiz!

Read also :