Malware uses denial-of-service attack in attempt to crash Macs

Victims are asked to call a phony Apple support number in order to restore their machine.
Written by Danny Palmer, Senior Writer

The malware opens emails until the system crashes.

Image: Malwarebytes

A tech support scam is targeting Mac users with unusual malware which tries to crash the system, then encourages the victim to call a phony Apple support number in order to get the system restored to normal.

Victims are infected with the malware via a malicious email or by visiting a specially registered scam website. Cybersecurity researchers at Malwarebytes warn that these websites are particularly dangerous for Mac users running Safari because simply visiting one of the domains can execute the attack.

Once the malicious code has been triggered, it will first of all check to see which version of OS X the victim is using and then attempt to trigger a a denial-of-service attack by repeatedly opens draft emails.

The DDoS continues drafting new emails in individual windows until so many windows are running that the system crashes due to lack of memory. The subject line of the emails tells the user a virus has been detected and to call the tech support number.

There are also instances of the malicious software opening up iTunes without any user prompting and displaying the fraudulent phone number there.

Systems running the most up-to-date version of the Apple operating system -- macOS Sierra 10.12.2 -- don't appear to be affected by the DDoS attack against the mail application, so users should patch their systems to ensure the most protection against the attacks.

This is far from the first support scam to target web users, with Microsoft users also regularly targeted by cyber fraudsters. Microsoft previously warned Windows users to remain vigilant when it comes to tech support scammers malware.

ZDNet contacted Apple for comment but had not received a reply at the time of publication.

Read more on cybercrime

Editorial standards