An old buddy likes to put across his view of Microsoft’s most famous product by the way he spells it. Thus a recent email: “Hope you enjoy keeping viruses out of your Winduhs machine. My Macs are all doing just fine.” He knows I use a Windows machine for software testing, though I’m primarily a Linux guy. He felt at ease with Apple products. But the latest malware attacks on Macintosh machines bear watching, and I’m afraid the easy assumption of Mac invulnerability could lead to problems. There is no such thing as a 100 percent safe PC. What we can do is try to make our computers harder to get into than most, so that the people looking for an easy break-in will pass ours by in search of other targets. These days there is no shortage of targets no matter what your operating system.
There are also some trends that promise mischief for Apple customers. A new malware attack called OSX/Dok has been surprisingly successful because it can monitor traffic to and from an affected Mac, making it capable of capturing credentials to various sites you’d rather keep private. Moreover, it is signed with a valid Apple developer’s certificate, so that Apple’s Gatekeeper sees it as a legitimate program and doesn’t stop you from using it.
Apple is working hard to block OSX/Dok, revoking developer certificates that turn up in it and updating its XProtect malware system, but for now, we’re dealing with malware that can redirect you to phony bank sites, asking you to install an application on your phone that could be a vector to still more contamination. Let OSX/Dok into your system and it has the potential to read all your communications while gaining access to your bank account.
Now here’s what really catches my eye: This Mac malware is actually a port of a Windows trojan called Retefe. From what I’m hearing, more malware is expected to be ported from Windows to the Mac because Macs have tripled their market share within the past decade. That means their users make up a not inconsiderable population worth exploiting. It’s time for Mac users to be upping their security game.
What to do? The solution for OSX/Dok is simple enough. The malware spreads by phishing emails, meaning its victims receive an email with an attached file. If you are a trusting soul, consider that on today’s internet a bit of paranoia is always in order. Who was it who said that just because you’re paranoid, that doesn’t mean everyone isn’t out to get you?
So the primer is this: Don’t click on attached files that show up in random emails. And be careful even when dealing with an email supposedly from a friend or organization if its content seems unusual or it contains a file you’re being exhorted to open. Email addresses can be stolen, but we have to use our common sense to ferret out the telltale signs that our old correspondent doesn’t sound like herself. In cases like these, she may well not be.
Windows users, because of the ubiquity of their operating system, have often been the victims of malware attacks, and today have to endure sometimes lengthy security downloads forced upon them by Microsoft as a way of keeping safe. The updated security is, needless to say, vital, and any Windows user will want to make sure he or she is getting the latest software.
But many Mac users have long assumed that their computers were simply not penetrable. Not a good assumption, and this malware isn’t the last you’ll be hearing about for the Mac.
Right now OSX/Dok is primarily targeting European users. Even so, it’s a warning flare for all of us. So question your email and err on the side of caution. Anyone who genuinely needs to reach you has other options that don’t involve opening attachments and compromising your security. And if you don’t fall for the phishing scam, you won’t come down with OSX/Dok.
Paul A. Gilster is the author of several books on technology. Reach him at firstname.lastname@example.org.