“The malware, called OSX/Dok by Check Point, spreads via a phishing attack that Check Point says mostly targets European users,” Fleishman reports. “Apple confirmed that Gatekeeper wasn’t bypassed. That developer certificate has been revoked, which will prevent it launching in the future without a warning. Apple will likely update XProtect, its silent malware signature system, although it provided no details.”
Fleishman reports, “As with nearly all macOS malware, OSX/Dok requires a naive user who accepts at face value phishing email and willingly extracts and launches a file they were not expecting and which they’re unfamiliar with.”
Read more in the full article here.
MacDailyNews Take: Of course, never open an unexpected zip file, even if it’s from someone you know.