Stealthy Mac malware spies on encrypted browser traffic

A new malware program that targets macOS users is capable of spying on encrypted browser traffic to steal sensitive information.

The new program, dubbed OSX/Dok by researchers from Check Point Software Technologies, was distributed via email phishing campaigns to users in Europe.

One of the rogue emails was crafted to look as if it was sent by a Swiss government agency warning recipients about apparent errors in their tax returns. The malware was attached to the email as a file called Dokument.zip.

What makes OSX/Dok interesting is that it was digitally signed with a valid Apple developer certificate. These certificates are issued by Apple to members of its developer program and are needed to publish applications in the official Mac App Store.

To read this article in full or to leave a comment, please click here