The fairy tale is over for Mac computers. The position that Apple’s Macs were immune to attacks and therefore did not need anti-virus or other defenses has finally been shattered. Those of us in the security industry have been preaching this for years.
Check Point researchers have discovered an email-phishing campaign in Europe that is specifically targeting Mac users. The trojan is the first of its kind for Apple computers, and it phishes for credentials by displaying full-screen alerts that claim there’s an urgent OS X update waiting to be installed.
Once it has the keys to the castle, OSX/Dok makes the changes it needs to spy on a victim’s web browsing. First it gives administrator privileges to whoever’s currently logged in. That allows additional password prompts to be bypassed and keeps the rest of the infection process quiet.
The steady increase in the adoption of Apple computers and mobile devices within companies only meant that the attention and focus of attackers would follow.
The fact that Mac sales have been increasing while those of those PC manufactures have been steady at best only tells shows that this is the beginning of attacks against Mac devices. Now the tech giant simply have to change their thinking and acknowledge this new threat.