Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts


Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.

Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.

ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • FBI: Renewable energy systems vulnerable to cyber attacks

    July 2, 2024

    The FBI has issued an official alert to the public about the potential for malicious cyber actors to disrupt power generation, steal intellectual property, or hold critical information for ransom within the U.S. renewable energy sector. The warning comes as federal and local governments increasingly advocate for renewable energies, expanding the industry and creating more opportunities ...

  • Personal data stolen from unsuspecting airport visitors and plane passengers in “evil twin” attacks

    July 1, 2024

    The Australian Federal Police (AFP) have charged a man for setting up fake free WiFi access points in order to steal personal data from people. The crime was discovered when an airline reported a suspicious WiFi network identified by its employees during a domestic flight. When the alleged perpetrator landed at Perth airport, his bags were ...

  • LockBit ransomware attack stole data on millions of Infosys McCamish users

    July 1, 2024

    When LockBit ransomware affiliates struck Infosys McCamish Systems (IMS) in late 2023, they did not steal sensitive information on some 57,000 people, as was initially thought. Instead, the threat actors stole valuable intel on more than six million people, a new report the IMS shared with the US authorities has said. The type of information stolen ...

  • SentinelLabs uncovers new CapraRAT spyware targeting Android users

    July 1, 2024

    A new report released today by SentinelLabs, warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications. CapraRAT is an Android remote-access trojan virus used by a Pakistan-linked threat actor called Transparent Tribe, also known as APT36, which first emerged around 2018. The malware has primarily been used for ...

  • The biggest data breaches in 2024: 1B stolen records and rising

    June 29, 2024

    We’re over halfway through 2024, and already this year we have seen some of the biggest, most damaging data breaches in recent history. And just when you think that some of these hacks can’t get any worse, they do. From huge stores of customers’ personal information getting scraped, stolen and posted online, to reams of medical ...

  • Remote access giant TeamViewer says Russian spies hacked its corporate network

    June 28, 2024

    TeamViewer, the company that makes widely used remote access tools for companies, has confirmed an ongoing cyberattack on its corporate network. In a statement Friday, the company attributed the compromise to government-backed hackers working for Russian intelligence, known as APT29 (and Midnight Blizzard). The Germany-based company said its investigation so far points to an initial intrusion on ...