Hackers are infecting Macs with malware using calendar invites and meeting links — don’t fall for this
Getting an email with a calendar link for a meeting has become commonplace, but you may want to think twice before clicking on one. That’s because hackers have begun using calendar invites and meeting links to infect unsuspecting users with Mac malware.
As reported by Krebs On Security, cybercriminals are now abusing the popular scheduling tool Calendly in their scams. Like with other malware campaigns, this one uses social engineering to find potential targets but instead of draining their bank accounts, it goes after cryptocurrency.
Still, the hackers behind this campaign could pivot to go after other types of accounts by using a different Mac malware strain. Here’s everything you need to know about how this scam works as well as how to protect yourself and your Apple devices from Mac malware.
From meeting invite to malware infection
Krebs On Security got a first-hand look into this scam after one of the site’s readers explained how they were targeted and fell for it.
In this campaign, the hackers behind it are impersonating cryptocurrency investors who are asking to schedule a video call. However, this lure could easily be adapted to go after other groups of potential victims.
The attack itself began when the reader was approached via Telegram by a scammer that wanted to invest in their startup. Everything seemed above board though and they then shared their Calendly profile with the scammer.
When it was time for the meeting, the reader clicked on the meeting link and nothing happened. They then contacted the scammer who explained that there was an issue with the video platform. Fortunately though, their IT people had created a different meeting link.
While this is certainly the kind of thing that should raise suspicions, the reader didn’t think twice and clicked on the link. However, instead of opening a videoconferencing app, a message appeared on their Mac saying the video service was experiencing technical difficulties. The message also referenced a script that could be run as a temporary solution to fix these issues.
By running the script, the reader unknowingly infected their Mac with a dangerous trojan designed to siphon off personal and financial data from their…