One of the oldest kinds of Windows malware is now targeting Macs
Researchers find attack that downloads malicious code from a Russian address to run on the victim’s computer
There’s a longstanding myth that Mac computers don’t get viruses — or, at the very least, malware makers don’t target Macs as much as they do Windows.
But with Macs making up a large proportion of the high-end computer market, virus makers are repurposing old Windows tricks to target Apple users.
An attack targeting Mac users was recently found in a boobytrapped Microsoft Word document, security researchers said earlier this week.
The attack used one of the oldest tricks in the Windows hacker’s book: taking advantage of Microsoft Word macros, or short bits of script that can be used to automate people’s work.
At least, that’s how macros are intended to be used. But malware makers can use them to download a malicious payload.
Researchers found a Word file called “U.S. Allies and Rivals Digest Trump’s Victory - Carnegie Endowment for International Peace” that contained a boobytrap that would download malicious code from a Russian address and run it on the victim’s computer.
Once the boobytrap runs, it can “perform a myriad of nefarious actions such as enabling the webcam, dumping the keychain, and accessing a user’s browser history,” according to security researchers.
Word macros have historically been one of the most effective techniques for infecting large numbers of people with malware. Word macros were used as part of the attack that brought down part of the Ukrainian power grid in 2015, the first hacker-related power outage, Ars Technica reports.
For most people, one way to avoid these kind of attacks is not to open strange Word documents with unclear origins. But for government officials, journalists, and other people who might need to open a file titled something like “U.S. Allies and Rivals Digest Trump’s Victory,” they should be aware that running macros in a Word file is dangerous, even on a Mac.
Good thing that Word warns users before they open the file.