Apple blocks OSX/Dok communications-snooping malware

“Apple has moved to thwart a malware attack that used a legitimate – probably hijacked – developer certificate, by revoking the cert,” Richard Chirgwin reports for The Regster.

“Check Point wrote up the malware last week, calling ‘OSX/Dok’ ‘the first major scale malware to target OSX users via a coordinated email phishing campaign,'” Chirgwin reports. “A hapless user who okayed all the stages of infection would end up having all their communications snooped – even HTTPS sessions encrypted with SSL.”

Chirgwin reports, “According to Kaspersky’s Threatpost, Apple revoked the certificate on Sunday, US time, and also dropped an update to its XProtect anti-malware software.”

Read more in the full article here.

MacDailyNews Take: Of course, never open an unexpected zip file, even if it’s from someone you know.

Nasty Mac malware bypasses Apple’s macOS Gatekeeper, undetectable by most antivirus apps – April 28, 2017

1 Comment

  1. hi
    how can you tell if your system was properly updated with the auto update to apple’s XProtect anti-malware software?
    the app store update page doesn’t show it. so is there a way to check if the security update has been applied or not?

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.