A new OS X malware sample has been spotted by researchers on sites claiming to support of the Dalai Lama.
Researchers from both Intego and F-Secure reported finding samples of the 'Dockster' malware circulating on pro-Tibet websites. The site claims to be run by the office of the Dalai Lama and contains information on the Tibetan spiritual leader.
According to researchers, the page itself uses a Javacript exploit to compromise OS X systems and install the keylogging malware. Users can protect themselves from the attack by updating their systems to the latest version of Java.
Intego researchers have classified the malware as a low-level threat due to its limited distribution.
"Dockster is a very basic backdoor trojan that provides a remote connection to an attacker, along with keylogging functionality and the ability to download additional files," the company said in its report.
"The remote address that the backdoor attempts to contact to receive commands is now active."
This is not the first time sites in support of the Dalai Lama have been compromised for use in malware attacks. In 2009 state-sponsored groups in China were accused of using pro-Tibetan sites to spread spyware and other monitoring tools, presumably for use in spying on pro-Tibetan activists.
Cyber-espionage in China has become a hot topic in recent weeks as government officials in the US have expressed concern that Chinese state-sponsored groups were targeting US firms for surveillance and data theft.
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software