Friday, 6 January 2017

On 03:04 by admin   No comments
The IT security firm has revealed that scammers are targeting Apple‘s Mac users with a new kind of malware that hijacks its Mail App and Safari browser to conduct denial of service (DOS) attacks.

The attackers direct these apps to continually draft emails till the machine runs out of RAM and crashes eventually. The report also points out that the attack can only be blocked with latest Sierra update. Remember that Mac devices running on latest betas or macOS 10.12.2 will not be affected by the malware.

It is worth noting that the malware keeps drafting emails only but never actually sends these emails. Therefore, this campaign cannot be termed as a spam but a typical Denial of Service attack. The malware used in this campaign resembles the Windows tech support scam that compels owners to make a call to a bogus tech support number or to accept a call made from a fake number.

Jérôme Segura of Malwarebytes states that the campaign involves installation of the malware for which a malicious link is delivered to the Mac user through an email. The emails are being drafted from two different email accounts, which are: dean.jones9875@gmail.com and amannn.2917@gmail.com.

Any mail that you receive from the abovementioned addresses should be deleted immediately. and keep in mind that currently, there are different websites involved in hosting the malware. Some of these websites are: safari-get[.]com, safari-get[.]net, safari-serverhost[.]com and safari-serverhost[.]net.

Solution:

Update your Mac to the latest version since these flaws may have been fixed with macOS Sierra 10.12.2 as Mac users running a fully up-to-date OS do not seem to be affected by the Mail app DoS.

0 comments:

Post a comment