Dok Malware is the Disease that Ails You

Currently, there is NO cure...

Malware – and specifically ransomware – is probably the most compelling reason I know of to completely abandon personal computing. Depending on where you are, what bug(s) you get, and how badly it affects you, I can totally understand the urge some people must feel to leave the computer age behind. Ransomware is the type of computer virus that encrypts your hard drive and leaves you no way of recovering your data unless and until you cough up a payment or two to a hacker, who is then supposed to send you a key that removes the encryption from your hard drive. It can be especially damaging if you don’t have the data backed up or if your backups also get infected. Infections like these are especially harmful to small businesses that simply don’t have the cash or resources to remove the infection or pay the ransom.

To prevent infections like these, regardless of what operating system or computer type you use, it’s highly recommended that you use a reputable malware scanner. Like I said… anyone can get malware… (Part 1, Part 2). Problems start when the malware scanner you’re using can’t detect the latest, greatest bug to be declared in the wild. Case in point: Dok is the latest critter to move into the macOS space. It targets ALL versions of OS X and macOS, and it will take complete control of your Mac if you let it.

Before we go any further, there is a silver lining to this massive, malware cloud of doom – it’s a phishing attack that requires the user to open a ZIP archive that’s attached to an email message. This should be a warning sign to just about everyone – opening ZIP attachments in an email is likely NOT a good idea, regardless of where they’re coming from or who is sending them.

So, what exactly is phishing? According to Wikipedia, phishing is

“the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. [Phishing] is a neologism created as a homophone of fishing due to the similarity of using bait in an attempt to catch a victim.”

Most phishing attempts occur via email or instant messaging (so you have to be careful with IM apps as well…), and the “attack” occurs when you open a specific attachment or open an active web page that executes code that directs you to enter personal information onto a page that looks and feels like the real thing. Phishing messages are often sent by imitations of auction sites, credit card and bank sites, online payment processing sites, or from an “IT administrator” from any of those places. The idea is to fool you into thinking that the website or service you’re using or viewing is legitimate so the hacker can install or execute some other program that will steal financial or other information from you that will provide them with financial gain.

The best and worst thing about phishing attacks is that most users can prevent them by not clicking on suspicious links or opening dubious email attachments sent from people or places they don’t know or recognize, or aren’t expecting to receive messages from.

According to Check Point Software, a leading antimalware software publisher, Dok isn’t detectable by any malware scanner from any vendor as of this writing. While this is likely to change quickly, it still represents a huge problem. Dok uses a signed developer certificate. This means that your Mac will allow it to install despite having Gatekeeper active. That signed developer cert is authenticated by Apple, and because of THAT, if you open a ZIP file on your Mac, you could be risking infection.

Once Dok is installed on your Mac, the malware has elevated privileges that give it access to all of your communications, even those sent over SSL connections, by redirecting all of your traffic through a malicious proxy server. All of your traffic will be monitored, and the person(s) monitoring that data can look through the details, saving what they want. This information could include access to the financial and other PMI-based accounts you opened while infected.
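The proxy redirection described above shows up in a Mac’s network settings. The script below is an added example, not part of the original post or of Check Point’s advisory: it uses macOS’s `networksetup` tool to list every proxy setting that is switched on. The sample outputs and the `proxy.example.invalid` URL are constructed for illustration, and an enabled proxy is a lead to investigate, not proof of Dok.

```bash
#!/usr/bin/env bash
# Added example: list every proxy setting that is switched on, so an
# unexpected one stands out. Nothing here is specific to Dok's own values.

# Read the output of one `networksetup -get...proxy...` call on stdin and
# print "ENABLED <url or server:port>" if that setting is on.
parse_proxy_block() {
  awk -F': ' '
    /^Enabled:/ { enabled = ($2 == "Yes") }
    /^URL:/     { target = $2 }
    /^Server:/  { server = $2 }
    /^Port:/    { port = $2 }
    END {
      if (!enabled) exit
      if (target == "") target = server ":" port
      print "ENABLED " target
    }'
}

# Walk all network services (macOS only) and query each proxy type.
audit_proxies() {
  networksetup -listallnetworkservices | tail -n +2 | sed 's/^\*//' |
  while IFS= read -r svc; do
    for flag in -getautoproxyurl -getwebproxy -getsecurewebproxy \
                -getsocksfirewallproxy; do
      hit=$(networksetup "$flag" "$svc" 2>/dev/null | parse_proxy_block)
      if [ -n "$hit" ]; then printf '%s\t%s\t%s\n' "$svc" "$flag" "$hit"; fi
    done
  done
}

# Constructed sample outputs, used when the script is not run on a Mac.
sample_pac() {
  printf 'URL: http://proxy.example.invalid/wpad.pac\nEnabled: Yes\n'
}
sample_off() {
  printf 'Enabled: No\nServer: \nPort: 0\nAuthenticated Proxy Enabled: 0\n'
}

if command -v networksetup >/dev/null 2>&1; then
  audit_proxies
else
  echo "auto proxy sample: $(sample_pac | parse_proxy_block)"
  echo "web proxy sample:  $(sample_off | parse_proxy_block)"
fi
```

On a Mac that is not supposed to use a proxy, the script should print nothing; any line it does print names the network service, the proxy type and the address to look into.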

The best way to keep yourself infection free at this point is to stay uninfected. In other words, don’t open any ZIP files from anyone. Period. Just delete the email. If you think the sender is a trusted party, email them back and make other arrangements to retrieve the attachments. Services like Dropbox, Google Drive and Microsoft OneDrive all have ways to send secure links to files you want to share with others. Look into those.

Additional information on Dok can be found at Check Point’s Advisories archive. If you’re running Check Point Antivirus R75 – R77, you can prevent unauthorized remote access by following these instructions. If you suspect you already have Dok, you need to take a look at this article by Lory Gil over at iMore. All the folks there are awesome, and this article is especially helpful.

As I mentioned earlier, the best way to keep yourself infection free is to not open attachments in email, especially attachments from someone you don’t know, or unexpected attachments from someone you do know.

In the case of the latter, a quick phone call or text message asking if they did send you something can save you a huge headache. Err on the side of caution, kids. It’s better to be safe than sorry…

You should also make certain you’re running a good antimalware app. If you’re running macOS, you can find one here. If you’re running a Windows machine, you can find one here.

ZIP Reader

Peek inside SecureZIP or PKZip files with this free Windows utility.

Sometimes, even though your archives are named appropriately, you forget what you’ve stored in them. I know that’s happened to me more than once, especially with archives that have a bit of age on them. This is one of the reasons why I like ZIP Reader. It’s a nifty archive utility for Windows, and it’s something everyone should have.

ZIP Reader is a free Windows utility that allows users to open files that have been compressed using an archiving utility like SecureZIP or PKZIP. ZIP Reader decrypts SecureZIP files created by any PKWARE product, regardless of hardware platform. That means Windows users can access files encrypted and compressed on any supported platform. It doesn’t matter where you made it. If it’s in ZIP format, ZIP Reader can peek inside and see what’s there.

The application is simple to use and has a cool auto launch feature. All you have to do is double click on any ZIP file or simply drag-and-drop the ZIP file onto the ZIP Reader icon. The file will unzip automatically, showing its contents.

ZIP Reader is a must-have application. The app is easy to use and it makes sense to have a tool that can read and decompress archives zipped on other machines with other operating systems. The face of computing is changing. Having a cross-platform tool of this type is going to be important during this transitional time. If you don’t have ZIP Reader, you should give it a serious look.

download ZipReader

Multi Commander, the complete Windows file manager

Windows Explorer was never an option for managing files due to its single pane interface. Therefore many private developers have released other file managers resembling the Norton Commander concept, featuring a double pane interface for a faster browsing experience.

Multi Commander is another double pane file manager that wants to become as popular as Christian Ghisler’s Total Commander. Developed by Mathias Svensson, the program brings some interesting new features aimed especially at hard-core users. Each window pane receives a folder tree option and customizable tabs. These tabs can be set to open any folder in order to ensure fast access to your favorite locations on your PC.

Compared to its direct opponent, Multi Commander also brings an extensive number of free built-in plug-ins, such as support for various archive formats (e.g. .zip and .rar), FTP access and a Registry Viewer and Editor. The latest version of this program also brings customizable file colors and a new listing including information from IMDB and RottenTomatoes.com for the movies saved on your hard drive.

At the moment Multi Commander 1.10 is available for free for Windows XP, Server, Vista and 7.

download Multi Commander

WinZip Mac Edition updated

Corel updated WinZip Mac Edition to version 1.5. From the functionality point of view, the application features:

Improved support for Mac application bundles (.app), with the option to view package contents before unzipping. You can also extract individual applications in a Zip file directly into your applications folder.

Option to include hidden files when zipping, in order to preserve the full content, structure, and presentation of file folders.

Ability to extract an even wider range of compressed file types, including files without Zip or Zipx extensions (such as .jar and .war files).

With WinZip Mac Edition you can also share archived data or burn Zip files to CD/DVD. The enhanced interface gives an at-a-glance breakdown of file sizes before and after compression, showing you exactly how much space was saved by zipping.

The ‘Zip and Email’ feature now allows you to resize and compress your high-resolution photos before attaching them to your email, reducing their size and optimizing them to fit standard computer screens.

QManga, a proper comic reader

While the title suggests a comic reader specialized in manga, the truth is that with QManga you can read any comics in JPG, ZIP, RAR, PNG, GIF, and even CBZ and CBR format. With a single toolbar on top of the main window providing the basic tools for scrolling through pages, rotating the image and getting into fullscreen mode, QManga provides the perfect medium for viewing comics. But it still lacks some important features that are common to most e-book readers. It has no Page Thumbnails list that gives you the ability to jump to any desired page at a single glimpse. It features no pagination or zoom option.

read full review | download QManga

Hamster Zip Archiver is a faster and more friendly alternative to 7-Zip

Created by the same developer who made the gorgeous CD, DVD and Blu-ray burner Free Burning Studio (which we reviewed in the past), today’s application is another good-looking one, called Hamster Zip Archiver. As the name suggests, Hamster Zip Archiver is an archiving utility, and specifically an alternative to 7-Zip, which is one of the best archiving utilities available out there. However, 7-Zip has some drawbacks, like being quite hard for beginners and lacking some UI-specific aspects.

On the contrary, Hamster Zip Archiver covers it all.

Read full review | Download Hamster Zip Archiver

WinArchiver Virtual Drive – A Free Virtual CD/DVD ROM Utility for Windows

WinArchiver Virtual Drive is a free Virtual CD/DVD ROM utility. It can mount not only all popular CD/DVD image files, but also all popular archives. WinArchiver Virtual Drive supports the following file types: .zip (WinZip Files), .rar (WinRAR Files), .7z (7z Files), .mzp (Mountable Archive), .iso (CD/DVD Image File), .001 (7z Sub Volume), .arj, .bz2, .bzip2, .gz, .gzip, .tar, .taz, .tbz, .tbz2, .tgz, .tpz, .cab, .cpio, .deb, .lha, .lzh, .rpm, .split, .swm, .wim (Windows Imaging File), .z, .daa (PowerISO File), .bin, .cue, .mdf, .mds, .ashdisc, .bwi, .b5i, .lcd, .img, .cdi, .cif, .p01, .pdi, .nrg (Nero Disc Image), .ncd, .pxi, .gi, .fcd, .vcd, .c2d, .dmg (Apple Disc Image), .bif, .ima, .flp, .uif (MagicISO File).

WinArchiver Virtual Drive can mount ZIP, RAR, 7Z, and other archives as a virtual drive instantly. It provides a more convenient and faster way to access files in archives. You can mount an archive as a virtual drive, then access files in the archive through the virtual drive. With this feature, you don’t need to unpack archives before opening the files in them, which can save you lots of time.

You can download WinArchiver Virtual Drive from here.
