Researchers Warn Mac Users About Malware Spreading Through the ClearFake Update: All the Information You Need

Scammers can jeopardize a person’s security and privacy in a number of ways, and they are becoming an increasingly widespread problem worldwide. Recent research indicates that threat actors are infecting Mac users with the Atomic Stealer malware, sometimes referred to as AMOS, through a fake browser update chain known as “ClearFake”.

According to cybersecurity company Malwarebytes, ClearFake is a more recent malware operation that uses compromised websites to distribute fake browser updates.


“Threat actors can reach a larger audience by using an expanding number of compromised sites at their disposal to steal passwords and files of interest that can be immediately monetized or used for other assaults,” the investigators said.

On November 17, security researcher Ankit Anubhav discovered that Mac users were also receiving a payload linked to ClearFake. The ClearFake campaign started in July of this year with the goal of tricking Windows users into updating their Chrome browsers by using JavaScript injections to display fake warnings on compromised websites. According to the report, these attacks now use a Safari update lure in addition to the standard Chrome overlay.

The payload is a DMG file intended only for Mac users, and it poses as a Safari or Chrome update. According to the researchers, it gives victims instructions on how to open the file, then immediately starts to issue commands and asks for the administrator password.

When the researchers looked at strings from the malicious program in a file they were able to access, they saw its commands, which included the ability to steal files and passwords. In the same file, they found the malware’s command-and-control site, which was the destination of the stolen data.


ClearFake is a particularly dangerous social engineering scheme that Mac users should be aware of, since it has become one of the most well-known in recent years. The researchers recommended using web protection tools to block the threat actor’s malicious infrastructure.
