There is some new Mac malware on the block. Researchers have noticed European phishing campaigns delivering a new OS X malware variant called Dok. While this new malware isn’t overly sophisticated, it does leverage a previously valid Apple developer certificate to sneak past OS X security mechanisms. If you fall victim to Dok, it intercepts and decrypts all your secure web traffic. Apple users should watch the video below to learn more.
Episode Runtime: 3:05
Direct YouTube Link: https://www.youtube.com/watch?v=ez8J2WpPiJ0
EPISODE REFERENCES:
- Dok malware targets Macs through scam emails – Engadget
- Research blog post on Dok OS X malware – Checkpoint
- Apple revokes the developer certificated used by Dok – Apple
Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply