Hackers Are Spreading Mac Malware via Fake Browser Update - Don't Be Fooled

Even the best MacBooks can be infected with nasty malware if you're not careful online. That's why hackers are repurposing social engineering campaigns that were previously exclusive to Windows to infect Apple computers with Mac malware.

According to a new blog post from cybersecurity firm Malwarebytes, the popular Atomic Stealer malware is being used in a new campaign that tricks unsuspecting users with fake browser updates and infects their devices.

We recently saw Atomic Stealer used to infect Macs through malicious ads, but this new campaign is slightly different because it uses a compromised website to distribute fake browser updates. First discovered in August by security researcher Randy McEoin and dubbed ClearFake, the campaign has since undergone a number of upgrades, including the use of smart contracts to build a redirection mechanism that directs potential victims to malicious sites.

Here is everything you need to know about ClearFake and what you need to watch out for if you are a Mac user worried about becoming a victim of malware.

Just a few days ago, on November 17, another security researcher named Ankit Anubhav observed that ClearFake was being distributed to Mac users in addition to users of Windows laptops.

In such attacks, unsuspecting Mac users are directed to a page posing as Apple's official download portal for Safari when they click on a malicious link distributed in a phishing email or social media post. However, since many Mac owners use Chrome instead of Safari, the hackers behind this campaign have also developed a fake portal for Google's browser.

Clicking the "Download" button on the fake Safari page or the "Update Chrome" button on the fake Chrome page downloads a DMG file to the Mac that purports to be a browser update. When you open this file to launch it, you will see a text box requesting an administrator password. If you enter the password, the Atomic Stealer malware will have full access to your Mac.

From here, the malware steals browsing data, cookies, passwords, credit card numbers, and other sensitive data stored on your Mac and sends it back to the hackers behind ClearFake. Besides being used to commit fraud, this information can even be used to steal your identity.

Fake browser updates like the above have been the bane of Windows users for years now. However, as Macs became more popular, hackers shifted their focus from targeting computers running Windows to targeting computers running macOS.

This means that you need to be extra careful when updating your browser and other Mac apps. Safari can be updated from the Software Update menu, which you reach by clicking on System Preferences from the Apple menu. If you prefer Google Chrome, see how to update Chrome, which can be done directly from within Google's browser.

Neither Apple nor Google will provide updates to users in this manner. In fact, if you receive such a browser update prompt from a website, you should avoid it altogether, as hackers are most likely behind it.

For additional protection and to avoid phishing sites altogether, you should also consider using the best Mac antivirus software. XProtect antivirus software is built into the Mac, but paid antivirus software is updated more regularly and often comes with useful features such as a VPN and a password manager.

In a statement to Tom's Guide, Jérôme Segura, Senior Director of Threat Intelligence at Malwarebytes, provides additional insight into how to protect yourself against Atomic Stealer and other online threats targeting Macs. He offers the following: "Atomic Stealer is a piece of malware that targets Macs and is increasingly being distributed via particularly malicious ad campaigns and now compromised sites. The lure is classic social engineering, redirecting victims to a decoy page posing as a browser update. The malware steals passwords, crypto wallets, and sensitive files immediately after installation. The best defense against this threat is to block the malicious redirects occurring on the hacked site and prevent fake updates from being downloaded."

Malware targeting Macs will continue to grow, so it may be best to abandon once and for all the idea that Macs are safer than Windows.
