Gatekeeper won’t stop this ‘major scale’ Mac malware.

OSX/Dok is a new ‘major scale’ malware that has set its sights on macOS users, bypassing the Gatekeeper feature that’s designed to block malicious software.

This trojan intercepts any activity on your Mac until you install a bogus software update, and it also goes undetected by many antivirus programs.

macOS is increasing in popularity, and as the user base grows, so does the threat.

Uncovered by security researchers, OSX/Dok can attack all versions of macOS and OS X. As this trojan wasn’t detected by any antivirus databases when it was discovered, it is now seen as the first “major scale malware” to target Mac users.

How OSX/Dok Mac malware works.

After it is opened, the malware copies itself to the /Users/Shared folder and then proceeds to execute itself automatically. All traces are removed and an error message is presented, hoping to satisfy the user that the file could not be opened.

“The malicious application will then create a window on top of all other windows. This new window contains a message, claiming a security issue has been identified in the operating system that an update is available, and that to proceed with the update, the user has to enter a password.”

Once this stage is complete, and you have received the popup, the Mac is unworkable until you have agreed to install the bogus update.

Once the attacker has obtained the information they want, the malware will remove itself from the infected machine. The user has no idea what is going on in the background until it’s too late.
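
A triage check for the behaviour described above, added here as an example and not taken from the original research: it lists application bundles and Mach-O binaries under /Users/Shared, the folder the malware is said to copy itself into. The function names are assumptions, and a hit only means executable content is present there, not that it is OSX/Dok.

```python
#!/usr/bin/env python3
"""List executable content in a drop directory such as /Users/Shared."""
import os
import sys

# First four bytes of Mach-O and universal ("fat") binaries as stored on disk.
MACHO_MAGICS = {
    b"\xfe\xed\xfa\xce": "mach-o 32-bit (big-endian)",
    b"\xce\xfa\xed\xfe": "mach-o 32-bit (little-endian)",
    b"\xfe\xed\xfa\xcf": "mach-o 64-bit (big-endian)",
    b"\xcf\xfa\xed\xfe": "mach-o 64-bit (little-endian)",
    b"\xca\xfe\xba\xbe": "universal binary (or Java class file)",
    b"\xbe\xba\xfe\xca": "universal binary (byte-swapped)",
}


def classify(path):
    """Return a label if the file starts with a Mach-O magic, else None."""
    try:
        with open(path, "rb") as fh:
            return MACHO_MAGICS.get(fh.read(4))
    except OSError:
        return None  # unreadable file: skip rather than abort the scan


def scan(root="/Users/Shared"):
    """Walk root and return sorted (relative_path, label) findings."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames:
            if name.endswith(".app"):
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                findings.append((rel, "application bundle"))
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # do not follow links out of the directory
            label = classify(full)
            if label:
                findings.append((os.path.relpath(full, root), label))
    return sorted(findings)


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "/Users/Shared"
    for rel, label in scan(target):
        print(f"{label}: {rel}")
```

Run it with no arguments to check /Users/Shared, or pass another directory as the first argument.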
