Apple macOS users have enjoyed living in a bubble, safe from malware attacks, for decades. Apparently, those days are over. Malware attacks targeted specifically at macOS have been appearing at an increasing rate. The latest comes in the form of a trojan that is being dubbed the first widely distributed macOS malware. Dok is an unassuming name, but the results are enough to scare you into cutting off your internet line.
Check Point researchers found the malware, which targets macOS through an email phishing scam. The emails seem to be aimed mostly at European users. They are meant to trick you into downloading a ZIP file that, once launched, gives Dok control over your system. After establishing control, the attackers are able to intercept your internet traffic, spy on your activities and even impersonate websites. The malware cleverly deletes itself once the attackers are done with your system.
Luckily, it’s not easy to get infected. You would first need to download the file, unzip it, open it and press a few buttons here and there. If by some chance you do end up going through that process and infecting yourself, the good folks at iMore have detailed how to reverse it. If you haven’t been infected or aren’t a Mac user, it’s still a great read on how to avoid giving up your precious access to unfriendly operators on the internet.
If you’re thinking that Gatekeeper (Apple’s security measure that prevents unsigned apps from running unless you want them to) will protect you, this nasty malware easily bypasses it. It appears to rely on a faked certificate that bypasses the protection software’s screening, giving it carte blanche if you’re not careful. It’s definitely easy to avoid, but highly dangerous if you let it in. So be careful when opening emails you aren’t too sure about.