Hackers are using a new form of malware to launch targeted attacks against users of Apple computers; it has been reported. According to Malwarebytes Labs, a cyber security firm, the new form of malware has been in active circulation for the past few weeks.
According to the report, the new malware works by tricking people who use Apple computers (the iMac and Mac book) into visiting fake websites while they are browsing the internet. The moment a user visits any of the fake internet sites, malicious code is immediately injected into the computer.
The report further states that the behaviour of the code once it gains access to an Apple computer depends on its variant. One variant of the malware, the report indicates, works by generating an avalanche of fake email drafts. The fake email drafts automatically choke the servers and cause the infected computer to hang up.
The second variant operates in a manner similar to the first one, in that it causes an Apple computer to fail to work in the end. However, unlike the first variant, the second variant of the malware does not use fake email draft messages to cause the jam. Rather, this second form of the malware targets the iTunes accounts of users where it generates hundreds or even thousands of fake commands. The false commands cause the computer to fail to work properly.
An interesting part of the manner in which the malware works is how it is similar to the typical DDoS attacks.
Tech support scam for iOS with season's colours (safari-get[.]com). pic.twitter.com/xtTBCISNRp
— Jérôme Segura (@jeromesegura) December 24, 2016
‘The malware determines the operating system that is running on a particular computer and then carry out a matching denial-of-service attack,’ Malwarebytes reports.
The malware decides whether to execute a DDoS-style attack against a user by focusing on the mail app or the iTunes app. In both cases, a user cannot use the computer because of the thousands of commands that the malware automatically generates.
A fake message alleging that the user’s computer may be under attack then appears, the report further indicates. In the message, cyber criminals provide a fake support team number and ask users to call the number for help.
It is not clear what happens when those affected by the malware call the number. However, it is likely that the criminals may be running a form of extortion using this new kind of malware.