“Check Point, a security analysis firm, posted an alarming blog entry on Thursday about a new malicious macOS Trojan horse that appeared able to bypass Apple’s protections and could hijack and sniff all the traffic entering and leaving a Mac without a user’s knowledge,” Glenn Fleishman reports for Macworld.
“The malware, called OSX/Dok by Check Point, spreads via a phishing attack that Check Point says mostly targets European users,” Fleishman reports. “Apple confirmed that Gatekeeper wasn’t bypassed. That developer certificate has been revoked, which will prevent it launching in the future without a warning. Apple will likely update XProtect, its silent malware signature system, although it provided no details.”
Fleishman reports, “As with nearly all macOS malware, OSX/Dok requires a naive user who accepts at face value phishing email and willingly extracts and launches a file they were not expecting and which they’re unfamiliar with.”
Read more in the full article here.
MacDailyNews Take: Of course, never open an unexpected zip file, even if it’s from someone you know.
Nasty Mac malware bypasses Apple’s macOS Gatekeeper, undetectable by most antivirus apps – April 28, 2017