Hackers are once again targeting Mac users with dangerous information-stealing malware, siphoning passwords and other sensitive personal data from their computers
As reported by The Hacker News, we are actually dealing with two Mac malware, both designed to steal sensitive data from the best MacBooks and other Apple computers, although the infection methods are different
While the first infostealer is distributed using malicious ads on Google and other search engines, the second one lures potential victims to fake websites by luring them with free software
Here is everything you need to know about these new malware campaigns, along with tips and tricks to prevent your Mac from being infected with malware
All computers with macOS come with Safari preinstalled, but some Apple users prefer Google Chrome, while others like to try new browsers with different features
Although based on Chromium like many other browsers, Arc Browser makes things a little different thanks to its unique sidebar and approach to bookmarks since its release in 2022, Arc Browser has become a popular Mac users, making it a popular Safari alternative
The hackers behind this malware campaign are well aware of this fact and have purchased ad space for Arc Browser on Google and other search engines to capitalize on its popularity However, these look-alike sites are not directly accessible to the browser's official site (https://arcnet/),)に誘導するのではなく、マルウェアを提供する「aircinet」のようなそっくりなサイトに誘導する。このキャンペーンを最初に特定したJamf according to a new report by Threat Labs,
in order to avoid detection
When Mac users click on these ads and attempt to download what appears to be Arc Browser, installing the included file ("ArcSetupdmg") actually installs the Atomic Stealer malware on their Mac It will be installed The malware then uses fake prompts to trick victims into entering their system password This allows the hackers behind this campaign to access all sensitive data stored on the victim's Mac
In addition to the above, Jamf security researchers also discovered a similar campaign used to distribute Realst information-stealing malware
In this campaign, meethub gg, a fake website, is used, claiming to offer free group meeting scheduling software However, when Mac users download and install this software, they are instead infected with Realst malware
Like Atomic Stealer, Realst uses fake prompts to force victims to enter their system password From here, however, the malware uses AppleScript calls to perform malicious activities on the infected Mac
While this campaign uses free software as a lure, other campaigns that have spread the Realst information stealer in the past have used job offers and podcast interviews to trick unsuspecting users into installing malware on their computers What sets Realst apart from other Mac malware identified in the past is its ability to bypass macOS's Gatekeeper security feature, which, as the name implies, checks downloaded applications for malware infection before they are installed on a Mac Gatekeeper, as the name implies, checks downloaded applications for malware infection before they are installed on a Mac
As Jamf points out in his report, many of these attacks "often focus on people in the crypto industry" because of the potential for greater rewards for the hackers behind them However, there is always the possibility that the average user could also fall for them, as fake ads and fake software are routinely used to distribute these information stealers
To protect you and your Mac from malware, you need to be more careful online
When searching for new software on Google or any other search engine, it is strongly recommended that you scroll down to the developer's actual site instead of clicking on the first result The reason for this is that Google now displays ads at the top before you get to the actual search results below it Anyone (including hackers and other cybercriminals) can purchase ad space online, and clicking on these fake ads can lead you to phishing pages designed to steal credentials or to malicious sites that distribute malware
In addition to fake ads, hackers often create elaborate websites promoting seemingly legitimate fake software For this reason, we recommend sticking with well-known and reputable brands of software Free software may seem appealing, but it will end up costing you more in the long run, as your Mac could be infected with malware or, worse, have your personal information stolen Paid software is usually safer, but there are many legitimate free apps and programs out there You need to do your research first and check the company's actual website before downloading or installing
macOS has its own built-in malware scanner called XProtect, but for additional protection, you should also consider using the best Mac antivirus software suite Not only do many of them have more regularly updated malware scanning engines, but they also add other security features such as VPNs and password managers
The benefits of infecting a Mac with malware are enormous While owning a Mac used to be less likely to be infected with a virus than using a Windows laptop, this is no longer the case This means that Mac owners need to be extremely careful online, especially when it comes to downloading and installing new software
Comments