New Mac Malware detected: Infected by Malicious Word Doc and a Fake Software Update


Mac security has been compromised. The malware attacks are coming from Microsoft Word documents and Adobe Flash Player update. This is the first time that Apple’s MacOS platform has been attacked. The hackers are using a pretty old way of tricking users to get into their systems and corrupt their data or lay their hands on their passwords etc. This is the same way that the hackers used for Windows users, to get their data.

The first identified virus comes through Microsoft document is macros. Macros is a series of actions and commands which help to automate specific tasks. Macros are supported by Microsoft Office programs written in Visual Basic for Applications(VBA). However, they can also be used for such malevolent activities like installing malware. Malware that is Word-document based was seen in a Word file named, “U.S Allies and Rivals Digest Trump’s Victory-Carnegie Endowment for International Peace.”

Any Mac user who opens the document unintentionally, then the document downloads and executes an encrypted payload without flashing any warning to the user. The researchers were unable to comprehend the actual results of the attack. The code has been written in Python programming language. It has been taken almost exactly from EmPyre, which is an open source exploit framework for Macs.

However, since it had been copied from EmPyre, it is assumed that the malware could steal encryption keys stored in the keychain, passwords, monitor webcams and even access browsing history.

After analyzing the document the director of research security firm Synack, Patrick Wardle published what he analyzed. He wrote that by using macros in Word documents, the hackers were manipulating the weediest link; humans. Furthermore, as the functions of macros are legitimate the malware’s infection vector doesn’t have to think about crashing the system or being ‘patched’ out.

ALSO READ:   Reliance Jio officially launched - Announced plans as low as Rs.50/GB

Wardle also said that the malware was not quite advanced because it depends on user interaction and needs macros to enable it. Although this Word-based malware was not written quite well the attempt has already been made. Ars Technica, recommends not to run any Word document run macros on your system.

The second type of malware that has been attacking the Mac systems was through Adobe Flash Player update. This type of malware also has been found to be used to attack Windows. In Windows, such malware shows up in forms of software updates of app pop-ups, but as soon as the users clicked on update, the malicious code is downloaded. However, the malware that has attacked Mac platforms are a bit more advanced and compromises your important data, passwords, usernames and other sensitive data.

The users have already been warned about this malware. The only way to avoid these attacks is by sticking to downloads from system tools or official websites of the app updates. Third-party and untrusted websites cannot be relied on.

Although Apple has faced several glitches and bugs on the iOS platform, attacks on MacOS are very rare. So, be careful from a third party and untrusted websites when you are downloading anything.

Avnish Kumar


Avnish Kumar

I completed Bachelor of Computer Application (BCA). I enjoy writing about new gadgets, technology, and of course about the Avengers. I have four years of writing experience, and I am still discovering new things.

Up Next

Discussion about this post