Apple Alert: New Form of Malware Uses Apple Certificate to Infect Computers

New Form of Mac Malware Uses
Mandatory Credit: Photo by Tony Avelar/Epa/REX/Shutterstock (8135828as) A Guest Inspects the New Macbook Pro Computer with the New Usb-c Ports in a Demo Room Following the Announcement of New Products at the Apple Headquarters in Cupertino California Usa 27 October 2016 United States Cupertino Usa Computing Apple Event - Oct 2016

If you purchase an independently reviewed product or service through a link on our website, may receive an affiliate commission.

* New form of sophisticated malware targets Mac users
* Able to infect user’s network through a simple email phishing scheme
* Has the ability to take full control of a network and intercept all user web traffic

While Macs may still be the world’s safest computers, recent years have seen an increase in Apple-specific phishing scams. Case in point: last week, a highly sophisticated new form of spyware was discovered to spy on user traffic. The trojan, nicknamed Dok, affects all Mac OSX operating systems and installs a form of malware to spy on user’s web traffic.

This new smart type of malware infects your network through an email attachment. Fortunately, due to Mac’s multi-layered security protocols, simply clicking a link won’t cause any harm. Instead, the trojan requires a user to download a zip folder and then install a series of fake updates in order for it to work.

Now here’s the bad part: The trojan uses a fake certificate that actually bypasses Apple’s own gatekeeping network, leading people to believe it’s a real message from Apple. Once the zip file is successfully downloaded it will then display a series of Apple notices like the one below that claim a new update is available.

mac malware

That’s where the real problems begin.

The trojan will then use those updates to gain access to network keys, passwords and more, giving it total control over your network. From there it will secretly change your browser settings to spy on your web browsing data, which includes both HTTP and HTTPS web traffic.

If you’re a Mac user, be on the lookout for fake system updates like the one above. And make sure you don’t open any suspicious-looking emails or attachments. A little skepticism goes a long way.