Home > Daily Thoughts, OS X > ‘Olyx’ connection to Fake Apple Stores?

‘Olyx’ connection to Fake Apple Stores?

An interesting observation from a colleague, check out the digital certificate information of ‘Wolyx’ the Windows backdoor packaged with ‘Olyx’  below:

Issued By:      WoSign Code Signing Authority
Issued To:      CN, Yunnan, Kunming, Kunming Wuhua District YanXing Technology Sales Department, WoSign Class 3 Code Signing, Kunming Wuhua District YanXing Technology Sales Department
Effective On:   11/03/2009 00:00 
Expired On:     11/02/2012 23:59

The place where the revoked digital certificate was issued to was Kunming, Yunnan China.

In the news, you’ll notice that this is the same city of the fake Apple stores.  

China officials find 5 fake Apple stores in 1 city


A Chinese city government website says local trade officials have found five fake Apple stores in a southwestern city.

The Kunming government website says authorities in the city in Yunnan province took action against two of the stores, which were found to be operating without a business license.

[Read http://www.businessweek.com/ap/financialnews/D9OME9280.htm]

Officials close 2 of 5 fake Apple stores

KUNMING – Officials looking into the illegal sale of Apple gadgets say they are waiting for the electronics company to respond before they decide whether to close three more possibly unlicensed stores. [Read http://www.chinadaily.com.cn/usa/us/2011-07/26/content_12980613.htm]
  1. July 28, 2011 at 2:02 pm

    At the very least, you could conclude the people in that area have an interest in using Apple products…and we have to assume some of those Mac users are inclinced to act in malicious ways (either for personal profit or national ‘profit’).

    Most of the time, the industry claims that Windows is attacked because it is the most popular. While this is true, perhaps this is a case of an attacker going after what they know (aka what they are using).

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: