
AMOS Stealer malware compromises thousands of websites


Nearly 2,800 websites, including a Brazilian news site, have been infected with the Atomic macOS Stealer (AMOS) malware as part of the new MacReaper attack campaign, which relies on the ClickFix technique, according to GBHackers News.

Attackers relying on blockchain-based infrastructure began the intrusions by presenting macOS users with bogus Google reCAPTCHA verification interfaces that copy malicious commands to the clipboard; running those commands executes the AMOS malware, a report from BadByte showed. Once installed, AMOS facilitates the exfiltration of browser-stored data, passwords, cryptocurrency wallets, system details, and other files. "The attack is meticulously designed to target macOS users, using a combination of client-side and server-side mechanisms to ensure the ClickFix interface is displayed only on macOS devices," said researchers.

Organizations have been urged to defend against the threat by avoiding the execution of website-prompted terminal commands, tracking network traffic, adopting robust endpoint detection tools and content security policies, and keeping macOS and security software updated.
