February 9, 2017
After targeting Windows-based computers over the past few years, hackers are now shifting their interest to Macs as well.
The emergence of the first macro-based Word document attack against Apple’s macOS platform is the latest example to prove this.
The concept of Macros dates back to 1990s. You might be familiar with the message that reads: “Warning: This document contains macros.”
Macro is a series of commands and actions that help automate some tasks. Microsoft Office programs support Macros written in Visual Basic for Applications (VBA), but they can also be used for malicious activities like installing malware.
Until now, hackers were cleverly using this technique to target Windows.
However, security researchers have now detected the first in-the-wild instance of hackers are making use of malicious macros in Word documents to install malware on Mac computers and steal your data – an old Windows technique.
The hack tricks victims into opening infected Word documents that subsequently run malicious macros. One such malicious Word file discovered by the researcher was titled “U.S. Allies and Rivals Digest Trump’s Victory – Carnegie Endowment for International Peace.docm.”
However, after clicking on the malicious Word document and before running it on your system, Mac users are always prompted to enable macros.
Denying permission can save you, but if enabled ignoring warnings, the embedded macro executes a function, coded in Python, that downloads the malware payload to infect the Mac PCs, allowing hackers to monitor webcams, access browser history logs, and steal password and encryption keys.