Skip to main content

MacOS suffers its first-ever Word macro attack

1129714 autosave v1 hackers22
Debate continues over whether Apple’s MacOS is inherently more safe from malware than Windows or if Macs simply aren’t targeted as often because of their smaller share of the PC market. Regardless, the fact is that MacOS isn’t immune, and new vulnerabilities arise on occasion that Mac users should keep in mind.

One category of malware that has certainly affected Windows and not MacOS is the infamous Microsoft Word macro virus. That could be changing, as MacOS has now suffered its very first Word macro attack, as Ars Technica reports.

While Word macros can significantly enhance the application’s value, they’ve fallen out of favor over the years because of their tendency to be abused by malicious parties. Now, people who have used Word over the years probably think twice about clicking on the “enable macros” button that pops up when they open a document with embedded macros. MacOS users now also have good reason to hit the “disable macros” button instead unless they know for sure it’s from a safe source — or to discard the document entirely.

The malware in question comes via a Word document, “U.S. Allies and Rivals Digest Trump’s Victory — Carnegie Endowment for International Peace,” that when opened runs embedded Python code that comes from the EmPyre open-source exploit framework. The code is capable of accessing webcams, grabbing passwords and encryption keys, and snooping into browser histories — and the infection it creates is persistent. Before running, it checks to make sure that the Littlesnitch security firewall isn’t active.

As usual, the Word macro malware relies on the user clicking through the warning. Patrick Wardle, Director of Research at Synack, a security company, said in an analysis of the Word document, “By using macros in Word documents, they are exploiting the weakest link; humans! And moreover since macros are ‘legitimate’ functionality (vs. say a memory corruption vulnerability) the malware’s infection vector doesn’t have to worry about crashing the system nor being ‘patched’ out.”

Another piece of malware that researchers also describe as unsophisticated and “poorly written” was recently discovered separately from the Word macro. Other attacks have been identified in the past few years, demonstrating that malicious parties are starting to pay more attention to MacOS — enough so that Mac users should seriously consider installing some antivirus and antimalware software. It’s simply no longer true that it’s only Windows users who are vulnerable to attack.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Here are 5 macOS 15 features that I can’t wait to see
Apple CEO Tim Cook walks off stage after speaking during the Apple Worldwide Developers Conference.

Apple’s Worldwide Developers Conference (WWDC) is less than a month away, meaning it’ won't be long before we find out exactly what sort of updates are coming to macOS 15. It’s always an exciting time for Mac users, as we get to find out what Apple is doing to tune up its operating systems and improve the Mac experience for all of us.

By this stage, we’ve already seen a bunch of intriguing leaks hinting at what’s coming in macOS 15. There are a few things I really want Apple to fix, as well as plenty of cool features heading our way if the rumors prove to be correct.

Read more
The 6 key things Apple must fix in the next version of macOS
Craig Federighi introducing macOS Sonoma at Apple's Worldwide Developers Conference (WWDC) in June 2023.

I use macOS every day, and there’s no doubt that I love it as an operating system. Yet, despite how full of genuinely brilliant features it is, there are still a handful of things I just wish it did better.

Luckily, Apple’s Worldwide Developers Conference (WWDC) is just a month away, which means there’s not long until we see what kind of software improvements Apple has in store for us. I’ve been thinking hard about what kind of changes I’d like to see happen, from Siri to Stage Manager and everything in-between. Here are the key areas I think Apple needs to fix in macOS 15.
Hey Siri, meet AI
Even when I ask Siri for the WWDC date, it can't give me a straight answer. Digital Trends

Read more
Does your Mac need antivirus software in 2024? We asked the experts
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

It’s an age-old question among Apple fans: Does your Mac need antivirus software? Traditionally, the popular answer has been no -- Macs have strong built-in protections, the argument goes, and antivirus apps can potentially slow down your computer. In the end, the trade-off didn’t seem to be worth it.

But is that still true today? After all, Macs are increasingly becoming a target of cybercriminals, with some Mac malware strains supposedly even being created by nation states. In that kind of situation, has the game changed?

Read more