Scammers can jeopardize someone's security and privacy in a number of ways, and they are an increasingly widespread problem worldwide. Recent research indicates that threat actors are infecting Mac users with the Atomic Stealer malware, sometimes referred to as AMOS, through a fake browser update chain known as "ClearFake".
According to cybersecurity company Malwarebytes, ClearFake is a more recent malware operation that uses compromised websites to distribute fake browser updates.
“Threat actors can reach a larger audience by using an expanding number of compromised sites at their disposal to steal passwords and files of interest that can be immediately monetized or used for other assaults,” the investigators said.
The payload is a DMG file intended only for Mac users. It appears to be a Safari or Chrome update. The researchers say that after giving victims instructions on how to access the file, it immediately starts issuing commands and asks for the administrator password.
When the researchers looked at strings from the malicious program in a file they were able to access, they saw the instructions, which included the ability to steal files and passwords. In the same file, they found the malware's command-and-control site, which was the destination of the stolen data.
ClearFake is a particularly dangerous social engineering scheme that Mac users should be aware of, since it has become one of the most well-known in recent years. The researchers recommended using web protection technologies to block the threat actor's malicious infrastructure.