Malware

Novel Infiniti Stealer targets macOS via ClickFix

Privacy concept: pixelated words Malware on digital background, 3d render

Attacks deploying the newly emergent Python-based Infiniti Stealer malware have been aimed at macOS devices as part of a new ClickFix campaign, reports SecurityWeek.

Threat actors have harnessed a fake Cloudflare-themed CAPTCHA page to lure macOS users into opening Terminal and running an illicit command, which retrieves a Bash script that enables embedded payload decoding and execution before deleting itself and ending the Terminal, according to Malwarebytes researchers. Integrated into the script's binary is a Nuitka-compiled loader that launches Infiniti Stealer. Apart from targeting Keychain data and browser credentials, Infiniti Stealer which avoids analysis environments also pilfers developer file secrets and screenshots.

"Infiniti Stealer shows how techniques that worked on Windows like ClickFix are now being adapted to target Mac users. It also uses newer techniques, like compiling Python into native apps, which makes the malware harder to detect and analyze. If this approach proves effective, we may see more attacks like this," said researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Adware

You can skip this ad in 5 seconds