Scam AMOS, or the malicious Atomic Stealer malware, is being introduced onto Mac computers through upgrades for Google Chrome and Safari on macOS. AMOS is a social engineering tool that is sent to Mac users with the ability to steal private files and passwords from Mac computers. It looks like malware authors are focusing on Mac users, therefore users will need to be on the lookout for malware and may need to utilize online protection solutions to protect themselves from malware disseminated through social engineering.
The latest iteration of Atomic Stealer, a malware that infects macOS users through a campaign called ClearFake—which leverages compromised WordPress websites to propagate phony browser updates for Chrome and Safari—was detailed by security firm Malwarebytes. Security researcher Ankit Anubhav recently discovered that AMOS was being distributed to macOS users through ClearFake.
The phony update page for Google Chrome that users are shown
Malwarebytes provided the photo.
A spoof Safari update page that includes out-of-date icons from previous macOS versions and hacked websites that closely imitate the Google Chrome download page are two ways the malware is spread. But the phony Chrome download appears more realistic, and the remainder of the homepage design may persuade some users to click and download the malware.
Under the pretense of a browser installer, the malicious.dmg file is downloaded to the Mac computer when the user clicks the download button. Upon downloading and opening, the user is required to input the administrator password, which will enable the execution of malicious commands on the device. These operations may involve the theft of passwords from Apple’s Keychain and the exfiltration of documents, photos, wallets, and other data from the user’s desktop and documents folders on macOS.
Users must use some sort of browser protection, like Google Chrome’s Safe Browsing setting, to ensure they are safe from the infection. By doing this, you may prevent the entire loading of some of these harmful websites.
In the interim, consumers ought to refrain from downloading Chrome installations from unidentified sources. These social engineering websites are designed to deceive those who might have trouble telling which websites are real. As a general guideline, see if google.com appears in the address bar. On the other hand, customers cannot install any official downloads because Apple only distributes operating system updates together with Safari updates.
Redmi K70E With MediaTek Dimensity 8300 Ultra SoC Officially Teased; Key Specifications, Design Surface Online
