The scumbags of the IT world are out in force again and this time they have released a new Malware attack for Mac. As usual it is important to remember that this attack – like all the others thus far – are limited and specific in their delivery method.
In other words, you won’t get it simply by opening an email.
This particular attack comes in the form of a downloadable application called EasyDoc Converter. However this can be downloaded from legitimate sites like MacUpdate so the potential for disaster is rather higher than it would be if this was a pirated copy of Microsoft Word located on some shadowy website.
So what will it do? Well in simple terms, a lot of bad stuff. It will install a service on your Mac that will allow these underwear stains to control your mac remotely and get access to all your stuff. There have also been reports of the Mac being hijacked and a fee charged to release it. (ransomware)
The first way to avoid this attack is never download EasyDoc converter but as this attack could be in other applications this strategy might have limited effect.
Luckily Apple’s Gatekeeper service will protect you to a large degree, provided of course it is turned on.
- Go the Apple menu and choose System Preferences
- Double click on Security & Privacy.
- Click on the General Tab and ensure that the Mac App Store and Identified developers is selected.
This makes opening unsigned (aka potentially insecure and infected applications) impossible but there is a downside. Some very legitimate applications and developers are not “signed” and this means in order to install these apps the security setting needs to be turned on to Anywhere and then back to the more secure Mac App Store and Identified developers. But at least this makes you stop and think about where this application came from and whether or not it is needed. Then a little googling is generally all you need to do to settle your nerves.