Malware writers generally tend to target Windows as that’s where the largest number of potential victims are. No wonder Mac users have remained safe from malware for a long time. However, malware for Mac is becoming increasingly prominent these days. You might want to keep an eye out for the Mac Dok malware that’s being referred to by security researchers as the first “major scale” trojan for Apple’s desktop OS.
Researchers at Check Point have discovered the Mac Dok malware that’s being spread through phishing emails. The emails trick users into downloading ZIP files, which when launched, enables the malware to gain control of the system.
Attackers can then intercept the victim’s internet traffic and even impersonate websites. When they’re done, they can remove the malware remotely. Since this is an attachment-based malware, you won’t infect your system just by opening the email. You have to download the attachment and unzip it to actually open the door to attackers.
So it goes without saying that you shouldn’t be downloading ZIP files from untrusted sources in the first place. The malware also appears to rely on a fake certificate to bypass Apple’s Gatekeeper verification so it has full access to the device if someone gets the malware on their Mac.
You should be extra careful about downloading ZIP files that you receive in your inbox until such time that Apple patches whatever exploit this malware is using to inject its rogue code into the system.