“Apple has moved to thwart a malware attack that used a legitimate – probably hijacked – developer certificate, by revoking the cert,” Richard Chirgwin reports for The Regster.
“Check Point wrote up the malware last week, calling ‘OSX/Dok’ ‘the first major scale malware to target OSX users via a coordinated email phishing campaign,'” Chirgwin reports. “A hapless user who okayed all the stages of infection would end up having all their communications snooped – even HTTPS sessions encrypted with SSL.”
Chirgwin reports, “According to Kaspersky’s Threatpost, Apple revoked the certificate on Sunday, US time, and also dropped an update to its XProtect anti-malware software.”
Read more in the full article here.
MacDailyNews Take: Of course, never open an unexpected zip file, even if it’s from someone you know.
SEE ALSO:
Nasty Mac malware bypasses Apple’s macOS Gatekeeper, undetectable by most antivirus apps – April 28, 2017
hi
how can you tell if your system was properly updated with the auto update to apple’s XProtect anti-malware software?
the app store update page doesn’t show it. so is there a way to check if the security update has been applied or not?
thanks