Mac users are increasingly being targeted by malware after years of being relatively safe, and that means they’re facing attacks that other users have unfortunately come to expect for a while. Check Point researchers have discovered Dok, the first “major scale” trojan that targets macOS through an email phishing campaign. The bogus messages (usually aimed at European users) are meant to trick you into downloading a ZIP file that, if you launch it, gives the malware control over your system and lets attackers intercept your internet traffic to spy on your activity or impersonate websites. It’ll even delete itself when the intruders are done.
Like many attachment-based phishing attacks, you have to go out of your way to infect your system. You’re not going to get a Dok infection just by opening a message, thankfully. And if you do fall prey to the malware, iMore has instructions that will help you scrub your system clean. However, the rogue code also appears to rely on a faked certificate that bypasses Apple’s Gatekeeper screening, giving it carte blanche if you’re not careful. It might be easy to avoid, but it’s potentially very damaging if it gets through and you don’t look for warning signs.
More than anything, Dok serves as a reminder that you can’t assume you’re safe just because you use a non-standard platform. Malware writers still tend to target Windows simply because it represents the largest potential target, but some of them are willing to aim at Mac users in hopes of cornering an untapped “market” for victims.