Mac OSX users have traditionally operated without putting too much effort into security. After all, everyone knows that Macs don’t get viruses; at least until now. What is being called the “first major malware” campaign against Mac users has appeared in the form of OSX/Dok.
The malware is capable of infecting all versions of OSX, and has been spreading through a series of phishing emails. Security company Check Point notes that there have been zero detections of OSX/Dok in the wild, which probably means that the cybercriminals have managed to get another step ahead of security professionals.
OSX/Dok is a fairly sophisticated piece of malware, at least where Macs are concerned. Its ultimate goal upon infecting a system is to gain admin privileges and redirect all internet traffic to a proxy server. Man-in-the-middle attacks are not exactly unknown, and the only difference here is the scale at which it has been rolled out.
According to the report, OSX/Dok has been largely targeting European Mac users. One example shown was a decidedly cliche email about tax returns sent in German. As usual, the email includes an attachment that launches the first stage of the cyberattack and downloads the rest of the package.
Little damage has been done by the malware thus far, although it looks like the real impact won’t be known for a while. OSX/Dok follows the newer trend of self-destructing after achieving its goals, making it much harder for security companies to keep track of it.
The increasing number of Macs in circulation is making them more attractive targets for cybercriminals these days. We are rather surprised that there haven’t been more widespread attacks against OSX. Or perhaps they exist and go unreported.
[Source: Check Point]