Hackers, or the Chiense government, seem to have figured out that sending fake Microsoft Word documents to individuals using OS X would be a great way to unleash a Trojan onto computers and steal information from the infected.
The findings hints that OS X may be susceptible to the same kind of exploits that have plagued Windows XP and other Microsoft operating systems for years: human stupidity. No seriously, this latest round of exploit goodness is completely centered on users opening up attachments in their email applications.
From Ars Technica:
The recently discovered campaign targets Mac-using employees of several pro-Tibetan non-governmental organizations, and employs attacks exploiting already patched vulnerabilities in Microsoft Office and Oracle’s Java framework … Once installed, the trojans send the computer, user, and domain name associated with the Mac to a server under the control of the attackers and then await further instructions.
Here’s our public service announcement: STOP OPENING EMAIL ATTACHMENTS YOU DON’T SOLICIT. We’ve been telling everyone since we first launched this blog to stop opening attachments in emails that were sent unsolicited. Of course your Mac is vulnerable. Frankly, if you’re dumb enough to open every single attachment in your inbox you deserve to have your documents stolen and shipped off to China. For the love of all that is holy, STOP opening bizarre attachments in even more bizarre emails. No, the Secretary-General at the UN did not personally email you for your opinion, despite your completely valid opinion on the child labor issues in China.
Seriously, this is why we can’t have nice things.