New MacOS Backdoor Linked to OceanLotus Found


We identified a MacOS backdoor (detected by Trend Micro as  OSX_OCEANLOTUS.D) that we believe is the latest version of a threat used by OceanLotus (a.k.a. APT 32, APT-C-00, SeaLotus, and Cobalt Kitty).

OceanLotus was responsible for launching targeted attacks against human rights organizations, media organizations, research institutes, and maritime construction firms. The attackers behind OSX_OCEANLOTUS.D target MacOS computers which have the Perl programming language installed.

The MacOS backdoor was found in a malicious Word document presumably distributed via email.

Read more…
Source: Trend Micro