Apple has moved to thwart a malware attack that used a legitimate – probably hijacked – developer certificate, by revoking the cert. Check Point wrote up the malware last week, calling “OSX/Dok” “the first major scale malware to target OSX users via a coordinated email phishing campaign”. A hapless user who okayed all the stages of infection would end up having all their communications snooped – even HTTPS sessions encrypted with SSL.
ORIGINAL SOURCE: The Register
from Apple Blocks Comms-snooping Malware