Hackers targeting Macs using age-old Windows malware trick

Researchers found a Word file that contained a boobytrap that would download malicious code from a Russian address

Tech Desk February 10, 2017
A man poses in front of a display showing the word 'cyber' in binary code, in this picture illustration taken in Zenica December 27, 2014. PHOTO: REUTERS

Mac computers are often considered more secure than their Windows-based counterparts, as they don’t usually attract malware attackers.

However, this perception is changing: as the number of Mac users grows, virus-makers are repurposing old Windows tricks to target Apple computer users.

Recently, a virus boobytrapped in a Microsoft Word document was found targeting Mac users. The attackers are using one of the oldest tricks from the Windows hackers’ book, taking advantage of Microsoft Word macros.

Macros are essentially short bits of script that can be used to automate people's work. However, malicious hackers have long used Microsoft Word macros to spread malware to victims using Windows operating systems.

Recently, a security researcher found a file titled "US Allies and Rivals Digest Trump's Victory - Carnegie Endowment for International Peace" on VirusTotal, a Google-owned online malware repository. It was discovered that the file was actually malware that could compromise a victim's computer using macros. The file only works on Word for Apple's operating system, macOS.

Once the victim opens the file, the malware attempts to "perform a myriad of nefarious actions such as enabling the webcam, dumping the keychain, and accessing a user's browser history", according to security researchers.

While malware using macros has been around for ages, there haven't been many reported cases of macro malware specifically targeting Mac users.

Talking to Motherboard, Snorre Fagerland, the researcher who spotted the malware, said it is possible that the malware was used by a government-sponsored group. "I really can't point the finger at anyone for this, but there are some indicators pointing towards Russian speakers (which actually can mean many countries), and even that could be faked."

Historically, Word macros have played a big role in infecting large numbers of people with malware. Word macros were part of an attack that brought down part of the Ukrainian power grid in 2015, the first hacker-related power outage.

Users should avoid opening unknown Word files, especially if they aren’t expecting something titled "US Allies". The good thing is that Word warns users before they open a file.

This article originally appeared on Business Insider

