Tech Support Scam Malware Uses DDoS Attack to Crash Macs
According to a report by cybersecurity researchers at Malwarebytes, Mac users are being targeted with an unusual malware which tries to crash the system by using a DDoS attack, and then asks the victims to call a phony Apple support number in order to get the system restored to normal (via ZDNet). The malware infects the systems via email or when a user visits a specially registered scam website on a Mac running Safari.
The malicious code can be triggered by simply visiting one of the domains, and once it is executed, it checks to see which version of OS X the victim is using and then attempts to trigger a a denial-of-service (DDoS) attack by repeatedly opening draft emails. The attack continues drafting new emails in individual windows until so many windows are running that the system crashes due to lack of memory.
The subject line of the emails tells the user a virus has been detected and to call the tech support number. There are also instances of the malicious software opening up iTunes without any user prompting and displaying the fraudulent phone number there.
While users running the most up to date version of the Apple operating system – macOS Sierra 10.12.2 – don’t appear to be affected by the DDoS attack against the mail application, so users should patch their systems to ensure the most protection against the attacks.
Apple is yet to issue an official comment regarding this malware.