Macro malware is actually a field that has so far frightened Windows users in particular. But a malware analyst who used to work at the NSA and is now an expert in Mac malware found that macro malware spreads to macOS as well.
Security specialist Patrick Wardle showed at the Blackhat, an annual hacking conference, that Macs are also not safe from this type of attack. In a kind of experiment, he presented how the classic Windows hack, i.e. the spreading of malware via prepared office macros, also works on Macs.
Macros are sequences of instructions that are saved in a document and that are summarized in a single command. Malware is injected into office documents via the macros. If someone opens the document, they will execute malicious code directly and swoosh, the computer is infected.
Mac users are less careful
This is a popular attack vector for Windows computers, but most users are already aware of this. Most people are now extremely suspicious of email attachments in .doc or .docm format. Wardle has also seen a significant increase in macro malware attacks on macOS systems, as the mirror reports.
Mac users may still be under false security regarding this attack and users are much less aware of the potential dangers. It is actually possible to bypass protection mechanisms built into macOS-Catalina. The macro malware attack that Wardle discovered has not been usable since February 2020 – at least not if users have properly updated their operating systems. As of February 2020, version 10.15.3, Catalina has been protected against the attack scenario discovered by Wardle.
–
