Skip to main content

Space Buffs Watch Out For Mac Virus

By October 20, 2016March 2nd, 2023Blog, Cybersecurity

spacexbuffsSay what you will about Russian hacking group “Fancy Bear,” but they’ve definitely got a sense of style. Fancy Bear is the group widely believed to be responsible for hacking the Democratic National Committee’s servers. Now, authorities believe the group has developed a form Trojan called Komplex, which targets Mac users.

Like most other malware, once installed on a target system, it faithfully reports data back to the software’s owners and controllers, and can be used to edit, view, copy and delete files on the infected system. Where it gets interesting is the fact that in addition to this, in an apparent display of nationalistic pride, it also places a copy of a PDF on the infected system that details projects that the Russian Space Program has planned between 2016 and 2025.

The Trojan appears to infect target computers by exploiting a known vulnerability in the MacKeeper antivirus software. This vulnerability causes Macs to accept and execute remote commands, and can be triggered by specially crafted web pages. In this case, web pages are designed to mimic the appearance of Russian aerospace companies. There is some evidence that the Komplex Trojan is related to (and shares code with) another malware program called Carberp, which the group has used to infiltrate various agencies of the US government.

All indications are that this software is being used to target a highly specific group of users, although the researchers have been unable to identify a definitive pattern. They are still not sure what group that might be. In any case, it does not appear that this Trojan is being used in any sort of widespread attack.

Even so, it exhibits the dangers that the business community faces in today’s computing environment. Not only are the attacks themselves becoming increasingly complex and sophisticated – the hackers are also branching out, targeting ever smaller groups with tremendous precision. If you employ any people with an interest in Russian space technology, and they use Apple products, be aware of this one.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.