Skip to main content

A vicious new malware is targeting Mac computers

Apple Store
Image Credit: Håkan Dahlström

Apple computer users should be extra diligent when surfing the web.

For the past few weeks, people have been tricked into visiting a phony website embedded with malware that can freeze Apple computers, according to a report this week by the cybersecurity firm Malwarebytes.

When Apple users visit the website via their Safari browser, often by clicking on a link in a bogus email, they inadvertently load malicious code onto their computers. The malware then triggers either two sets of actions depending on the version of the computers’ operating systems, the report said.

In one case, the malware causes the computer’s Apple email client to create a deluge of draft emails that contain the words “Warning! Virus Detected!” in the email subject line. Although the emails don’t get actually get delivered to anyone, the sudden flood of draft emails hogs the computer’s resources, thus causing the computer to freeze.

VB Event

The AI Impact Tour – Atlanta

Continuing our tour, we’re headed to Atlanta for the AI Impact Tour stop on April 10th. This exclusive, invite-only event, in partnership with Microsoft, will feature discussions on how generative AI is transforming the security workforce. Space is limited, so request an invite today.
Request an invite

In the second case, the malware causes the infected computer’s iTunes program to open multiple times without closing to the point where it crashes.

In both of these instances, the malware essentially causes computers to use up all of their memory, similar to how hackers launch so-called denial-of-service attacks on web sites. In a denial-of-service attack, hackers essentially overload an online service with Internet traffic, thus causing the service to become inaccessible because it can’t keep up.

Complicating matters, the malware targeting Apple computers leaves a dummy message in either the email draft or in the iTunes player that tells people to call a fake Apple support phone number to fix the problem. The report does not describe what happens when a person calls, but it’s likely that criminals will charge a fee to unlock the computer under the false pretense that they are Apple employees.

Apple’s iPhones and iPads are not impacted by the malware since they run on a different operating system than Apple computers.

The new Apple malware seems similar to a Microsoft Windows-tailored version that hit PCs in November, Malwarebytes said.

The Windows version of the Malware exploited a bug in the software language HTML5, increasingly used to create websites, that caused web browsers like Google Chrome and Firefox to display a fake help-support webpage that can’t be closed. The malware also causes the computer to overload so that no other program can be opened and instead display a fake telephone number to call.

As for the Apple malware, the security firm did not say how many people appear to have been impacted, but it said that those who upgraded their operating systems to the latest versions seemed to be safe from the variant of the attack that creates draft emails. The iTunes variant, however, appears to be triggered regardless of whether a person’s operating system is up to date.

This story originally appeared on Fortune.com. Copyright 2017

VB Daily - get the latest in your inbox

Thanks for subscribing. Check out more VB newsletters here.

An error occured.