Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Attack Surface Of The Ubiquiti Connect EV Station
December 5, 2023
The Ubiquiti Connect EV Station is a Level 2 charging station for electric vehicles. The EV Station is meant to be managed by a Ubiquiti management platform running the UniFi OS Console, such as the Ubiquiti Dream Machine or Cloud Gateway. Users can also use the iOS or Android UniFi Connect mobile apps to configure the EV ...
- BlueNoroff: new Trojan attacking macOS users
December 5, 2023
Kaspersky researchers recently discovered a new variety of malicious loader that targets macOS, presumably linked to the BlueNoroff APT gang and its ongoing campaign known as RustBucket. The threat actor is known to attack financial organizations, particularly companies, whose activity is in any way related to cryptocurrency, as well as individuals who hold crypto assets or ...
- Hijackable Go Module Repositories
December 4, 2023
The Go module ecosystem is unique because it’s decentralized. Other packaging systems like Pypi or NPM require developers to create accounts to upload their packages. This gives the package platform the ability to moderate users and content. That isn’t the case with Go. Go developers publish modules by pushing their code to source control platforms like ...
- Protecting credentials against social engineering
December 4, 2023
Our story begins with a customer whose help desk unwittingly assisted a threat actor posing as a credentialed employee. In this fourth report in our ongoing Cyberattack Series, we look at the steps taken to discover, understand, and respond to a credential phishing and smishing (text-based phishing) cyberattack that targeted a legitimate, highly-privileged user with social ...
- The Obvious, The Normal, And The Advanced: A Comprehensive Analysis Of Outlook Attack Vectors
December 4, 2023
Outlook, the desktop app in the Microsoft Office suite, has become one of the world’s most popular apps for organizations worldwide for sending and receiving emails, scheduling conferences, and more. From the security perspective, the app is one of the critical “gateways” responsible for introducing various cyber threats into organizations. Even a minor security problem in ...
- UK: Sellafield nuclear site hacked by groups linked to Russia and China
December 4, 2023
The UK’s most hazardous nuclear site, Sellafield, has been hacked into by cyber groups closely linked to Russia and China, the Guardian can reveal. The astonishing disclosure and its potential effects have been consistently covered up by senior staff at the vast nuclear waste and decommissioning site, the investigation has found. The Guardian has discovered that ...

