Mac malware targets Apple users with denial of service attack

Internet becomes a jungle for Safari users

Well-healed Apple Mac users have been targeted by a wave of malware that causes popups and fake support alerts, perpetrated via a denial of service (DoS) attack method.

"A newly registered scam website targeting Mac users was making the rounds late last year. Simply visiting the malicious site on an older version of macOS would start creating a series of email drafts, which eventually cause the machine to run out of memory and freeze," said, MalwareByte's Jerome Segura.

Sequra has covered the threat on his employers' blog. He said that the attack can be triggered when a user visits a compromised web page. This makes avoiding infection difficult, depending on how carefully the user surfs the internet.

"The malicious webpage will first determine the version of OS X via a user agent check, and push two different versions of the denial-of-service."

One of these forces users into an email creation loop and myriad opening pages, the other into iTunes. Segura said that the former attack may have been thwarted in the last macOS Sierra update, but added that the iTunes one still stands.

The attack is particular to Safari - presumably exploiting a security weakness - and seems to concentrate efforts on launching the iTunes application. The purpose of the attack seems to be to inconvenience users and force them into unnecessarily and probably expensive fake support experiences.

The good news, though, is that Segura believes that the problem can be fixed relatively painlessly: "On Safari for iOS, you get an error dialog that keeps on repeating itself each time it's closed," he said. "It only seems to affect Safari and did not launch any other App. It can be killed by swiping the Safari window up."

Computing's DevOps Summit returns in March. Places are free to qualifying IT directors and professionals. To reserve a place before they run out, or to peruse the programme at other forthcoming Computing summits, check out Computing's Events 2017 portal.

The DevOps Summit coincides with the first DevOps Excellence Awards, which is open for submissions until Friday 13 January. Got a great product or project in DevOps? ENTER NOW.