
New Macintosh Malware Hijacks All Internet Traffic

Macintosh users are quickly becoming a new target for cyber criminals these days. A new type of Mac malware has been discovered, which is capable of intercepting encrypted web traffic. Moreover, this malware uses Tor to hide traffic diverted to a remote proxy. It is a very problematic threat that needs to be thwarted as soon as possible.

Dok Malware Targets Macintosh Users

Up until a year or two ago, one would hardly ever put the words “Macintosh” and “malware” in the same sentence. Things have changed a lot over the past few months, that much is evident. Dok is the latest type of malware discovered by security researchers, and it seems to be packing quite the punch under the hood. It uses nag screens to gain administrator privileges on the Macintosh machine targeted by the criminals.

To be more specific, the Dok malware is mainly targeting European Macintosh users for some unknown reason. As one would come to expect, the malware is distributed through spam emails, all of which are related to inconsistencies with tax returns. It is not surprising to find out a lot of people open these email attachments to take a closer look at what is going on. All of the emails are seemingly written in the German language, which is quite interesting.

Once the Dok malware package is downloaded onto the computer, users will be greeted with a fake OS X update screen. Once a user clicks the button to update all software, the malware will be installed and gain administrative privileges. It will then start to hijack encrypted web traffic and even use Tor to reroute traffic through malicious proxies. In addition, the Macintosh device in question will receive a new loginItem called AppStore, which allows the Dok installation procedure to carry on even if a user reboots the computer in the meantime.

Having all of your internet traffic routed through a remote proxy is not a pleasant experience by any means. Although this process is invisible to the user, it also means the criminals are given access to everything their victims do on the Internet. Although it remains unclear how all of this information is used later on, having someone monitor your everyday activity is very unsettling, to say the least.


Unfortunately, it appears the most nefarious act by this malware is conducted at a later stage. Security researchers have discovered Dok will also install a new root certificate on the Macintosh device in question. This particular certificate is then used to perform man-in-the-middle attacks. This can lead to having sensitive information stolen, such as banking logins, social media account details, and who knows what else.

Moreover, the Dok malware also means the criminals can inject their own web pages in the victim’s browser. Phishing pages, for example, can easily be displayed on the user’s computer, regardless of them typing in the correct address or not. This means anyone who owns a Macintosh can become vulnerable to having a man-in-the-middle attack performed against them.
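A triage check for the three changes described above (a system-wide proxy, a login item called AppStore, a newly trusted root certificate), added here as an example; it is not part of the original article or the researchers' work. It assumes the stock macOS tools scutil, osascript and security, and the sample outputs and the proxy.example.invalid URL are constructed.

```python
import re
import shutil
import subprocess

# Constructed samples of command output (not captured from an infected host).
SAMPLE_PROXY = """<dictionary> {
  HTTPEnable : 0
  ProxyAutoConfigEnable : 1
  ProxyAutoConfigURLString : http://proxy.example.invalid/proxy.pac
}"""
SAMPLE_TRUST = "Number of trusted certs = 1\nCert 0: Example Root CA\n   Number of trust settings : 0\n"
LOGIN_ITEMS = 'tell application "System Events" to get the name of every login item'

def active_proxies(scutil_text):
    """Map each proxy kind enabled in `scutil --proxy` output to its endpoint."""
    kv = dict(re.findall(r"^[ \t]*(\w+)[ \t]*:[ \t]*(.+?)[ \t]*$", scutil_text, re.M))
    found = {}
    for kind in ("HTTP", "HTTPS", "SOCKS", "ProxyAutoConfig"):
        if kv.get(kind + "Enable") != "1":
            continue
        if kind == "ProxyAutoConfig":
            found[kind] = kv.get("ProxyAutoConfigURLString", "?")
        else:
            found[kind] = "%s:%s" % (kv.get(kind + "Proxy", "?"), kv.get(kind + "Port", "?"))
    return found

def flagged_login_items(osascript_text):
    """Return login items named 'AppStore' (the name the article reports)."""
    names = [n.strip() for n in osascript_text.split(",") if n.strip()]
    return [n for n in names if n.lower() == "appstore"]

def admin_trusted_certs(trust_text):
    """Names of certificates with admin trust settings, for manual review."""
    return re.findall(r"^Cert \d+: (.+?)\s*$", trust_text, re.M)

def run(cmd):
    """Return a command's stdout, or '' if it cannot be run."""
    try:
        return subprocess.run(cmd, capture_output=True, text=True, timeout=20).stdout
    except (OSError, subprocess.SubprocessError):
        return ""

if __name__ == "__main__":
    live = shutil.which("scutil") is not None  # scutil exists only on macOS
    proxy = run(["scutil", "--proxy"]) if live else SAMPLE_PROXY
    trust = run(["security", "dump-trust-settings", "-d"]) if live else SAMPLE_TRUST
    items = run(["osascript", "-e", LOGIN_ITEMS]) if live else "Dropbox, AppStore"
    print("proxies:", active_proxies(proxy))
    print("login items to review:", flagged_login_items(items))
    print("admin-trusted certs to review:", admin_trusted_certs(trust))
```

An enabled proxy or an admin-trusted certificate is not proof of infection on its own; the output is a list of settings to compare against what the owner or administrator knowingly configured.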

Luckily, there is a small silver lining for Macintosh users as well. Even though Dok was initially not detected by antivirus solutions, it looks like all major companies have updated their virus definitions over the past week. This does not mean Macintosh users are completely safe from harm either, as the malware can still be downloaded onto a computer without the user being aware of it. Beware of any email attachments related to tax returns, as they are usually not legitimate.


JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

