One of the reasons for several people to go MacOS was the safety net that it provided from trojans, viruses, and malware in general. However, hackers are increasingly targeting the platform that was once considered a ‘safe’ bet. In the latest example, a new Trojan named ‘Dok’ has been wrecking havoc with Mac users primarily in Europe. This malware, also called OSX/Dok is a threat to all versions of OSX and attempts to grab an unsuspecting user’s attention with a phishing e-mail. What is more alarming is that it manages to remain undetected on most anti-malware apps and even has a valid developer certificate authenticated by Apple. According to folks at Checkpoint security, this is one of the first major scale malware to operate via a phishing campaign.
Once the malware infects your system, it hands over the attackers complete access to all communication from the system – including the ones that are encrypted using SSL. All the communication sent and received from the infected system is routed via a malicious proxy server. In its current form, Dok seems to be primarily targeting European users, and as evident from the phishing emails, it attempts to target gullible people with an authentic sounding e-mail message that warns them about issues with their tax returns. The email also contains an attachment which when executed starts the procedure to infect the system.
This basically means that you’d have to go out of the way to infect yourselves with Dok since the infection cannot happen without one executing the attachment. This is why security analysts insist on not downloading and executing files from unknown senders.
So, if you happen to one of our readers from Europe and also use a MacOS system, do keep a watch on fishy sounding emails!