Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts


Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.

Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.

ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Prudential reveals it was hit by data breach

    February 14, 2024

    Hackers were able to break into one of the largest life insurance companies in the United States and stole sensitive employee and contractor data. Prudential Financial has filed an 8-K form with the U.S. Securities and Exchange Commission (SEC) detailing the attack, according to a report. As per the filing, unnamed threat actors accessed the networks ...

  • TicTacToe Dropper

    February 14, 2024

    While analyzing malware samples collected from several victims, the FortiGuard team identified a grouping of malware droppers used to deliver various final-stage payloads throughout 2023. Malware droppers are malicious software designed to deliver and execute additional malware on a victim system and are employed to obfuscate final payloads during load and initial execution. Droppers within this ...

  • Bank Of America Warns Customers Of Data Breach Following 2023 Hack

    February 13, 2024

    A November 2023 breach at IT consulting and service provider Infosys McCamish Systems has now been confirmed to have led to a data breach impacting Bank of America customers. The number of Bank of America customers impacted by the breach, including personally identifiable information such as social security numbers, account numbers, date of birth and addresses, ...

  • CVE-2023-47218: QNAP QTS and QuTS Hero Unauthenticated Command Injection (FIXED)

    February 13, 2024

    Rapid7 has identified an unauthenticated command injection vulnerability in the QNAP operating system known as QTS and QuTS hero. QTS is a core part of the firmware for numerous QNAP entry- and mid-level Network Attached Storage (NAS) devices, and QuTS hero is a core part of the firmware for numerous QNAP high-end and enterprise NAS devices. ...

  • Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments

    February 12, 2024

    Over the past weeks, Proofpoint researchers have been monitoring an ongoing cloud account takeover campaign impacting dozens of Microsoft Azure environments and compromising hundreds of user accounts, including senior executives. This post serves as a community warning regarding the attack and offers suggestions that affected organizations can implement to protect themselves from it. Proofpoint researchers detected ...

  • UK: Contact details and national security numbers could have been stolen from Southern Water customers following cyber attack

    February 12, 2024

    The announcement, which went live on Southern Water’s website earlier today (February 12), confirms that ‘a limited part’ of the company’s server estate is at risk following an illegal intrusion earlier this year. Apologising for the breach, a spokesperson confirmed that the company is working with “expert technical advisers to confirm who is at risk,” and ...