If you are thinking that being a Mac User, you are safe from all the kind of security threats then you are totally wrong. In 2017, even the Mac OS which is known for its immunity from cyber-threats is not safe more. The cyber-criminals have developed a special macro malware which hacks the targeted PC using macro settings. If you have Microsoft Office suite available in your Mac then you could be the next victim. The first case of macro-malware attack was noticed by a researcher at Symantec The file which came to scrutiny is named as “U.S. Allies and Rivals Digest Trump’s Victory – Carnegie Endowment for International Peace.docm,”. According to the senior researcher at Synack, this word-document contains a macro script that generates a warning message when MS Office doc is accessed. It user allows macros script to execute while opening the Word file, the malware infection immediately gets installed.
When the related macro-script further got analyzed, surprising things came in notice. The macro contained a chunk of base64 data that gets executed as a python command. This script executes several questionable activities such as scrutinizing the Mac security app, download additional payloads, decrypting the payload via RC4, executing the decrypted payload and so on. These payloads may easily skip sensitive information, steal browsing history and may spy through webcam. In researches, it came to notice that server from where the payload is downloaded is present in Russia and have questionable IP address which were previously involved in the some other malware campaigns.
By using a Macro in Word, cyber-criminals have a very high hope for successful Macro malware for Mac users this time. The malware developers have generally ignored Mac users in the past but as the users of this OS is increasing, the cyber-criminals are definitely begin to try their hand here.