An Apple macOS virus called OSX Dok has morphed and is now targeting banking credentials of people using infected machines. Initially, the Apple malware only tricked people into allowing access to their keychain.
However, it appears that OSX Dok has transformed and is “phishing” for bank accounts. Check Point security researchers explain in a blog post that the macOS virus is mimicking major bank sites.
The fake sites prompt the users to install an application on their mobile devices which could lead to further infection and data leakage.
The team behind the mac malware is distributing the macOS virus through a combination of phishing and MITM (man in the middle) attacks. With this method, hackers are able to spy on all of their victims’ communications.
Unfortunately for owners of infected machines, the Apple malware is extremely difficult to detect and remove. The reason is that the mac virus alters the operating system and disables Apple’s security measures.
Windows porting could bring more macOS malware
Check Point researchers also point out that the OSX Dok Apple malware has similarities with the “Retefe”. “Retefe” is a banking Trojan known for several years, mostly active on the Windows platform.
Check Point concludes that OSX Dok is the same malware as “Retefe” but for macOS devices. The Israeli multinational security provider believes that more Windows malware will be ported to macOS in the coming months.
They attribute that assessment to the lower number of quality security products for macOS and the rising popularity of Apple computers.
Although companies like Google, Microsoft, and Apple continue the fight against these attacks, hackers are also evolving. Recently, Microsoft’s president Brad Smith reiterated the need for a ‘Digital Geneva Convention’, in order for companies and governments to address the hacking issues head-on.