Experts have discovered a new species of malware for the Mac. The technique, previously used only for hacking Windows, is now being used for attacks on users of Apple computers.
As reported by Securitylab, citing experts Snorre of Fagerland and Patrick World using macros malware blurs the boundaries between Windows and Mac. The technique for malware infection with the help of macros has long been known. Until recently, therefore, the infection occurred computers running only Windows. Now, however, macros were also used in attacks on Mac users.
To infect the Mac hackers use the same technique to send the victim a phishing email with an attached document containing malicious macros. Emails claiming to contain a report of the nonprofit organization “Carnegie endowment for international peace” (Carnegie Endowment for International Peace), dedicated to the victory of Donald trump at the election of the President of the United States.
When the victim tries to open the document, a dialog box appears with a notification reminding you to activate macros in order to view its contents. If macros are enabled on the system running the payload, try to load additional software with attacker-controlled website. The experts were not able to check the downloaded malware, since at the time of the study, its server was disabled.
As reported Fagerland edition Motherboard, attacks can stand hackers working for the government. “I can’t say exactly who is behind this. However, there are signs of Russian-speaking hackers (though they can be from different countries), but it is possible that these symptoms are fabricated,” — said Snorre.
The attack works only with the version of Word for Mac. What was the purpose of hackers, researchers could not figure out.