Mac Malware Authors Disguise Malicious Apps as Harmless PDF or DOC Files

mac osx malware modifiedFor many years, the Mac OS X operating system has been the ironclad choice for anyone who wants to prevent their system from becoming infected with some form of malware. In the past few years, the Mac OS X has been attacked by different variations of malware. Just recently, malware authors discovered a new way to trick unsuspecting Mac users into infecting their computer, which could easily slip past any method for detection.

It is well-known in the computer security community how many Mac users have thought that their shiny new Mac OS X system is virtually invincible to malware. Despite a slightly different change in language for communicating how Mac systems can be just as vulnerable as PCs, Mac user's still carelessly click around the Internet without any fear of running into malware. In knowing how careless Mac users may be when it comes to malware, hackers are aiming a method of altering file extensions so the infected app may appear to be an inconspicuous DOC or PDF file.

The special trick hackers are using to infect Mac OS X systems with malware via modified DOC and PDF files, is by entering the extension backwards. The crooks are using the OS X Character Viewer using right-to-left encoding. Normally, OS X will not allow modification of .app files by entering the extension backwards. Through use of Character Viewer, an executable' s extension can be reversed by the operating system will still recognize it as an executable that may be opened and allow a malware installer to be initiated.

OS X is normally able to prevent this type of attack where Gatekeeper only allows executables delivered from the Mac App Store or ones signed with a valid Apple developer ID. The malware authors are able to bypass any detection agents in Gatekeeper by signing the malicious file with a valid dev ID.

Even though this complete modification of file extensions and signing a file with a valid dev ID could essentially infect a Mac system, it is ultimately up to savvy computer users to avoid this scenario by practicing responsible computer user. Such use requires that the user avoid sites known for spreading malware or questionable downloads that may potentially lead to such a case of modifying extensions to infiltrate a Mac with malware.

It should be clear to all users that Mac OS X systems are not immune to malware, and there are many ways hackers are exploring to infect such systems with new aggressive malware threats.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.