There are two variants of a new Mac phishing trojan going around, sent as an e-mail message with a malicious attachment. They have been named OSX/Dok and OSX/Dok-B. This is the first major-scale malware attack targeting Mac OS X users.
The attachment file is named “Document.ZIP”. It is actually an application, not a document. If you download and open it, it will install the malicious payload onto your computer. It has the potential to access your online communication, including secure sites, iMessage chats, and Keychain data, to create screenshots, and more. See the screenshot below.
Apple has taken steps to prevent the infection by revoking the certificate the malicious program uses. This will bring up an “unidentified developer” warning when you try to install the program. The B variant will try to hide the warning with a fake OS X Update window.
If you have already installed the program, bring in your computer immediately so we can remove the infection.
The bottom line is, as always, don’t open attachments in e-mail, especially if you aren’t expecting one. You never know if they are real or not. Even if it claims to come from someone you know, the sender can be fake.
FAKE message from the OSX/Dok trojan