Dangerous new MacOS malware is targeting Apple users everywhere - here's what you need to know
Date:
Mon, 09 Jun 2025 16:27:00 +0000
Description:
Russian hackers are spoofing a US-based telco firm to deploy infamous infostealing malware.
FULL STORY ======================================================================
CloudSek researchers find spoofed version of Spectrum website
The site tricks people into running AMOS through the ClickFix method
The researchers attributed the attack to a Russian-speaking group
Russian threat actors have been seen using the popular ClickFix method to steal passwords and drop infostealer malware on macOS targets.
Security researchers from CloudSek have reported multiple websites spoofing Spectrum, a US-based telecommunications provider. Victims visiting these websites would first be asked to verify that they're human - however, the verification was designed to fail, after which the victims would be asked to use "Alternative Verification".
It is unclear why the attackers added the extra step - we can assume it is to throw the victims off and have them lower their guard.
In any case, the alternative verification method copies a command to the victim's clipboard, after which the victim is instructed to paste and run it on their device.
The command delivers AtomicOS (AMOS) - an infamous macOS infostealer that grabs passwords, cryptocurrency wallet data, and system information from macOS users.
CloudSek did not attribute the campaign to any particular threat actor, but
it has determined that they are of Russian origin.
"While inspecting the source code of the delivery page, we came across a
couple of comments in Russian, indicating that the malware is likely being spread by Russian-speaking cybercriminals," the company said.
It doesn't seem that the campaign targeted a specific group of people, or companies, but since it spoofs Spectrum, it's safe to say the victims are the company's current, or potential, customers.
The experts did note the campaign was set up rather clumsily: "Poorly implemented logic in the delivery sites, such as mismatched instructions across platforms, points to hastily assembled infrastructure." "This campaign highlights an increasing trend in multi-platform social engineering attacks targeting both consumer and corporate users," CloudSek concluded.
ClickFix has gotten quite popular in recent times, with various security outfits reporting different variants of the technique in the
wild.
Via The Hacker News
======================================================================
Link to news story:
https://www.techradar.com/pro/security/new-macos-malware-is-targeting-apple-users-everywhere-heres-what-you-need-to-know
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)