Apple Alert: New Form of Malware Uses Apple Certificate to Infect Computers

* New form of sophisticated malware targets Mac users
* Able to infect a user’s network through a simple email phishing scheme
* Has the ability to take full control of a network and intercept all user web traffic

While Macs may still be the world’s safest computers, recent years have seen an increase in Apple-specific phishing scams. Case in point: last week, a highly sophisticated new form of spyware was discovered. The trojan, nicknamed Dok, affects all versions of Mac OS X and installs malware that spies on users’ web traffic.

This new type of malware infects your network through an email attachment. Fortunately, thanks to the Mac’s multi-layered security protocols, simply clicking a link won’t cause any harm. Instead, the trojan requires a user to download a zip file and then install a series of fake updates in order for it to work.

Now here’s the bad part: The trojan uses a fake certificate that actually bypasses Apple’s own gatekeeping network, leading people to believe it’s a real message from Apple. Once the zip file is successfully downloaded, it displays a series of Apple notices like the one below, claiming that a new update is available.

That’s where the real problems begin.

The trojan will then use those updates to gain access to network keys, passwords and more, giving it total control over your network. From there it will secretly change your browser settings to spy on your web browsing data, which includes both HTTP and HTTPS web traffic.

If you’re a Mac user, be on the lookout for fake system updates like the one above. And make sure you don’t open any suspicious-looking emails or attachments. A little skepticism goes a long way.
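
For anyone checking a Mac after such an incident, here is an added example (not part of the original article) that audits the output of macOS's `scutil --proxy` command for proxy settings nobody approved. It assumes the settings change described above shows up as a system HTTP/HTTPS proxy or a proxy auto-config (PAC) entry; the sample outputs and the `approved` parameter are constructed for illustration.

```python
import re

# Constructed samples in the format printed by `scutil --proxy` on macOS.
SAMPLE_TAMPERED = """<dictionary> {
  ExceptionsList : <array> {
    0 : *.local
  }
  HTTPEnable : 0
  HTTPSEnable : 0
  ProxyAutoConfigEnable : 1
  ProxyAutoConfigURLString : http://127.0.0.1:5555/proxy.pac
}"""
SAMPLE_CLEAN = """<dictionary> {
  HTTPEnable : 0
  HTTPSEnable : 0
  ProxyAutoConfigEnable : 0
}"""


def parse_proxy_settings(text):
    """Return the scalar 'Key : value' pairs; nested arrays are skipped."""
    settings = {}
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z]+) : (.+?)\s*$", line)
        if m and not m.group(2).startswith("<"):
            settings[m.group(1)] = m.group(2)
    return settings


def audit_proxy(text, approved=()):
    """List every enabled proxy setting that is not in the approved set."""
    s = parse_proxy_settings(text)
    findings = []
    if s.get("ProxyAutoConfigEnable") == "1":
        url = s.get("ProxyAutoConfigURLString", "(no URL set)")
        if url not in approved:
            findings.append(f"auto-config (PAC) proxy enabled: {url}")
    for scheme in ("HTTP", "HTTPS"):
        if s.get(scheme + "Enable") == "1":
            target = f"{s.get(scheme + 'Proxy', '?')}:{s.get(scheme + 'Port', '?')}"
            if target not in approved:
                findings.append(f"{scheme} proxy enabled: {target}")
    return findings


if __name__ == "__main__":
    for name, sample in (("clean", SAMPLE_CLEAN), ("tampered", SAMPLE_TAMPERED)):
        print(name, audit_proxy(sample) or "no proxy configured")
```

On a real Mac, pass the text printed by `scutil --proxy` to `audit_proxy`, listing any proxy your organization deliberately configures in `approved`.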