ClearFake a New Malware Attacking Mac users via fake browser updates

Mac users were targeted by a fake browser update chain called ‘ClearFake’, which was delivered by Atomic Stealer to compromise their systems.

Malwarebytes has reported that one of the most commonly used social engineering initiatives, which was previously confined to Windows, may now be expanding its scope for the first time. The initiative may encompass not only geolocation but also OS systems.

EHA

It is important to note that threat actors have the ability to reach a wider audience by stealing valuable credentials and files which can be easily monetized or used for other malicious purposes. With an ever-growing list of compromised websites at their disposal, these actors pose a significant risk to data security and privacy.

This malware was first noticed in August through a number of upgrades. Its reroute mechanism is built using smart contracts, which makes it one of the most common and dangerous social engineering techniques.

Document
Free Webinar

Live API Attack Simulation Webinar

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked. The session will cover: an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

For years, fake browser updates have been a regular problem for Windows users. However, the hackers haven’t really moved on to MacOS until now. Because stealers like AMOS are so popular, it’s easy to make small changes to the payload to fit different users, reads the report.

Security researcher Ankit Anubhav noticed on November 17 that Mac users were also receiving ClearFake along with a matching payload:

matching payload
matching payload

This malware is run by opening a file that was instructed by the fakers, which immediately runs after being promoted for the administrative password.

To avoid these malicious infrastructures, the organization should leverage some web protection tools to block malicious threat actors.

ClearFake New Malware Mac
Clearfake

Fake browser updates have been a regular problem for Windows users for years. However, the hackers haven’t really moved on to MacOS until now. Because stealers like AMOS are so popular, making small changes to the payload to fit different users is easy.

Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.

Sujatha is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under her belt in Cyber Security, she is covering Cyber Security News, technology and other news.