Sign up for The Paypers newsletter Follow The Paypers on LinkedIn Follow The Paypers on Twitter Follow The Paypers on Facebook Follow The Paypers on Google +
The Paypers, paypers, Insight in payments, News, Reports, Events
 advertisement
Digital Identity, Security & Online Fraud

Mac users' banking credentials threatened by new malware

Monday 17 July 2017 | 01:40 PM CET

A new scheme that steals banking credentials from Mac users via the Signal private-messaging app has been revealed.

The malware is called OSX/Dok and uses phishing mail filled with a malicious application as its attack vector. Upon successful installation, the malware modifies the OS settings with a shell command that disables security updates. MacbookNext, OSX/Dok gets to work via a man-in-the-middle (MitM) attack designed to intercept the victim’s traffic. Only after it has completed its MitM attack does the malware strap in for its main event. When the victim visits a web page for one of the targeted banks, they see a malicious copy of the actual bank's website prompting them to download an application onto their mobile devices “for security reasons”.

If the user submits a working phone number, the attackers send them a link to download the mobile application. At this time, those behind this malware campaign are sending victims a link to Signal, the encrypted messaging app. 

Therefore, with the influx of macOS-based malware it is important that Mac users take some steps to protect their computers and can begin with the installation of an anti-virus solution.

More: Link
 advertisement
 advertisement
 advertisement
 advertisement