Apple macOS users targeted with more cyberattacks via dodgy ads and websites

Be careful when searching for software

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hackers are targetingApplemacOS users with a range of different infostealers in an attempt to grab sensitive data and, possibly, money, experts have warned.

A newreportfrom cybersecurity researchers at Jamf Threat Labs found hackers were using multiple different approaches to try and drop themalware.

In one campaign, they created a fake download website and fake ads for a browser called Arc and pushed them through search engines.

Targeting macOS crypto fans

“Interestingly, the malicious website cannot be accessed directly, as it returns an error,” security researchers said. “It can only be accessed through a generated sponsored link, presumably to evade detection.”

Those that end up on the site and download the program will get Atomic Stealer, a known infostealer that was initially focused on grabbing cryptocurrency wallet-related information. Since its inception, Atomic Stealer, also known as AMOS, grew to target differentoperating systems, and grab more information, including stored passwords and sensitive files.

In September 2023, security researchers from Malwarebytes reported on hackers tricking people with promises of software cracks, loaders, and key generators to get them to download AMOS.

A separate campaign has seen hackers offering a fake free group meeting software which, in reality, downloads a different infostealer based on Realst. In this campaign, the victims are approached either to participate in a podcast, or in a job interview, and are invited to download the video conferencing tool.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“These attacks are often focused on those in the crypto industry as such efforts can lead to large payouts for attackers,” the researchers said. “Those in the industry should be hyper-aware that it’s often easy to find public information that they are asset holders or can easily be tied to a company that puts them in this industry.”

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

New fanless cooling technology enhances energy efficiency for AI workloads by achieving a 90% reduction in cooling power consumption