New Mac Malware Uses Old Windows Techniques

Cybercriminals sure are learning! Mac users are not very often victims of malware that often, though threats continue to rise for the Apple platform on a steady basis these days.

And as this new Mac malware that was detected earlier this week proves, the threat levels are high.

Security researchers have detected two separate instances of macOS malware this week, one of which relies on an old, tried and tested Windows technique. A malicious Microsoft Word document that abused macros was sent, which immediately started doing some shady tricks.

The title of the document, as noted, is ‘U.S. Allies and Rivals Digest Trump’s Victory – Carnegie Endowment for International Peace’.

If the Word application was configured to allow macros and ignore warnings, the embedded macro automatically gathered if a security firewall was not running. In which case, it downloaded an encrypted payload, decrypted it using a hardcoded key, and executed the payload to infect the machine.

It is believed that this malware has the ability to monitor webcams, steal passwords and encryption keys, as well as access browser history logs.

What’s interesting is that these types of attacks are considered primitive these days, but it goes to show that cybercriminals do try every avenue they can find time for.

The other malware instance discovered, by the way, is of a fake Flash Player update, and this, too, made use of a classic Windows technique of faking a regular software update dialog.

Stay Informed About Enterprise Security

Leave a Reply