macOS Malware 'Dok' Intercepts Web Traffic With Administrator Privileges: Check Point

Advertisement
By Shekhar Thakran | Updated: 1 May 2017 12:49 IST
Highlights
  • New malware comes signed with valid developer certificate
  • The malware was found to have 0 detections on VirusTotal
  • Malware reported to be targeting European users
macOS Malware 'Dok' Intercepts Web Traffic With Administrator Privileges: Check Point

If you are a macOS user and think that one of the major advantages of using this operating system is that you are immune to malware, this news is meant just for you. While macOS has had its time in the sun for long, a new malware that goes by the name of 'Dok' has been reported to specifically target the Apple operating system and potentially allows interception of communications traffic network and provides administrator privileges of the infected system.

Wondering how it is different from other malware that are floating around on the Internet? It is because OSX/Dok, as it is also known, was found to have 0 detections on VirusTotal scanner and comes signed with a valid developer certificate (authenticated by Apple), as per a report by software security firm Check Point. Dok has been reported to be the first major scale malware to target OS X users via a "coordinated email phishing attack" and affects all versions of the OS that have been released till now, as per the report.

The new Trojan has been reportedly targeting European users as of now and much like other attachment-based phishing attacks, requires users to open an infected ZIP file attachment that upon execution shows the user a "package is damaged" error message, but succeeds in copying itself onto the victim's system, and then throws up a fake update page as a persistent pop-up that phishes the user's credentials and provides administrator privileges. By proceeding to install a new root certificate on the victim's system, Dok gains access to the user's communication network with a Man-in-the-Middle (MITM) attack that allows an attacker to impersonate any website, including the ability to read secure HTTPS traffic. Notably, following the lead from some of the recent malware, Dok is able to delete its traces once its work is done as well.

In case you have already been targeted, you can simply follow the steps listed on iMore to clean up your system, as pointed out in a report by Engadget.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement
Popular Mobile Brands
  1. Huawei Band 10 Review
  2. iQOO Z10 Turbo+ Officially Confirmed to Run on This Chipset
  3. Amazon Great Freedom Festival 2025 Sale to Kick Off in India on This Date
  4. Honor Pad X7 With 8.7-Inch Display and Snapdragon 680 SoC Launched
  5. Flipkart Freedom Sale 2025 Date Revealed: Check Offers, Discounts
  1. Meta Names ChatGPT Co-Creator Shengjia Zhao as Chief Scientist of Superintelligence Lab
  2. Who-Fi: An AI-Powered Wi-Fi Technology That Can Identify and Track Individuals Without Cameras
  3. NASA’s X-59 Moves Closer to First Flight with Advanced Taxi Tests and Augmented Vision
  4. Unusual Plasma Waves Above Jupiter’s North Pole Can Possibly Be Explained
  5. NASA to Live Stream SpaceX Crew-11 Launch Docking, Know How to Watch Online
  6. Apple Expands App Store Age Rating System With More Granular Categories
  7. Amazon Kindle Colorsoft Kids With 7-Inch Display and a Kid-Friendly Cover Launched
  8. Dying Light: The Beast Delayed to September for 'Extra Polishing Work'
  9. Flipkart Freedom Sale 2025 Date Revealed; Plus, VIP Members To Get Early Access
  10. Huawei Mate XT 2 Colour Options Leaked; Could Be World’s Second Mass-Produced Tri-Fold Phone
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.