If you use a Mac or MacBook, beware that a banking malware known as Dridex is moving on from attacking Windows computers and is now going after Macs using email attachments that look like regular documents.
It is an information stealer malware attributed to the cybercriminal group Evil Corp that is used to harvest sensitive data from infected machines. Cybersecurity software company Trend Micro analyzed the malware and found that the file can run on both macOS and iOS systems.
Dridex malware has been around for many years, and cybersecurity firms have been targeting it since its conception. This malware’s goal is to target and obtain private information from people’s bank accounts. Dridex is classified as Trojan malware, a type of malware that disguises its malicious coding within seemingly harmless data to catch people off guard. Cyber hackers typically spread it via spam email, posing as official-looking emails.
This version of Dridex malware contains a malicious document that will run automatically as soon as a user opens it. Once it begins to run, it overrides all Microsoft Word files contained within the infected macOS computer and will contact a remote server to download more files. One of those files is a Windows executable file that runs on Dridex.
If you have a Mac, you may not be immediately aware that your files are corrupted, which is why Dridex is specifically targeting Word documents. Since people regularly share Word documents, folks with Mac can share their overridden, malicious files with others and unknowingly infect those devices, creating a malware domino effect.
In this case, the malware itself cannot infect targeted Macs since it is contained within an executable Windows file. However, if you were to download the corrupted file, it can cause files on a Mac to be overwritten with malicious…