Tag: macOS

Pakistan-linked Malware Campaign Evolves to Target Windows, Android, and macOS
News


Since at least 2018, threat actors with connections to Pakistan have been associated with a protracted malware campaign known as Operation Celestial Force. According to Cisco Talos, the activity is still ongoing and involves the use of two malware programs: one for Android called GravityRAT and the other for Windows called HeavyLift. Both programs are managed by a separate standalone utility called GravityAdmin. The cybersecurity company attributed the intrusion to an adversary it tracks as Cosmic Leopard, also known as SpaceCobra, and said that it shares some tactical similarities with Transparent Tribe.

Atomic Stealer malware strikes macOS via fake browser updates
News


The 'ClearFake' fake browser update campaign has expanded to macOS, with Atomic Stealer (AMOS) malware targeting Apple computers. The ClearFake campaign began in July of this year, with the goal of targeting Windows users with bogus Chrome update prompts that appear on compromised sites via JavaScript injections. In October 2023, Guardio Labs discovered a significant development in the malicious operation: it used Binance Smart Chain contracts to conceal, in the blockchain, the malicious scripts that support the infection chain. The operators used this technique, dubbed "EtherHiding," to distribute Windows-targeting payloads, including information-stealing malware such as RedLine...

Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware
News


An updated version of the Atomic Stealer (or AMOS) macOS stealer malware has been seen being distributed through a fresh malvertising operation, showing that its creator is still actively maintaining it. Atomic Stealer, a ready-made Golang malware that costs $1,000 a month, first came to light in April 2023. Soon after, other variations that targeted bitcoin users and gamers were discovered in the wild. These variants had an expanded set of information-gathering functions. Google Ads has been identified as the main distribution channel for the malicious advertisements, which are displayed to users who search for popular software, either legally or illegally, on search engines, and which link to websites that hold malicious installations.

Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack
News


An attempt to install the JokerSpy backdoor for Apple macOS was launched earlier this month against an unidentified bitcoin exchange in Japan. Swiftbelt, a Swift-based enumeration tool inspired by an open-source programme called SeatBelt, was installed as a result of the attack, according to Elastic Security Labs, which is monitoring the intrusion set under the identifier REF9134. JokerSpy was initially described by Bitdefender last week as a sophisticated toolkit intended to compromise macOS machines. There isn't much information available regarding the threat actor responsible for the operation, other than the fact that the attacks make use of a number of Python...