Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts


Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.

Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.

ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Zimbra 0-day used to target international government organizations

    November 16, 2023

    In June 2023, Google’s Threat Analysis Group (TAG) discovered an in-the-wild 0-day exploit targeting Zimbra Collaboration, an email server many organizations use to host their email. Since discovering the 0-day, now patched as CVE-2023-37580, TAG has observed four different groups exploiting the same bug to steal email data, user credentials, and authentication tokens. Most of this ...

  • Enhancing Computer Security for Nuclear Safety and Security

    November 16, 2023

    Nuclear safety and nuclear security share the same objective and vision: to protect individuals, societies and the environment from the potential harmful effects of ionizing radiation. Though the activities that address nuclear safety and nuclear security are different, it is essential to establish a well-coordinated approach to managing their interface. It is important to ensure that ...

  • Europol and Eurojust support Czech and Ukrainian police in taking down multi-million euro voice phishing gang

    November 16, 2023

    The Czech and Ukrainian police have disrupted, with the support of Europol and Eurojust, a prolific phishing gang believed to have defrauded victims across Europe of tens of millions of euros. In Czechia alone, the damage caused by this criminal group is estimated at over EUR 8 million (CZK 195 000 000). As a result of ...

  • Investigating the New Rhysida Ransomware

    November 15, 2023

    The Rhysida group was first identified in May 2023, when they claimed their first victim. This group deploys a ransomware variant known as Rhysida and also offers it as Ransomware-as-a-service (RaaS). The group has listed around 50 victims so far in 2023. The investigation conducted by the FortiGuard IR team and MDR team uncovered some of ...

  • 9 million patients had data stolen after US medical transcription firm hacked

    November 15, 2023

    Close to nine million patients had highly sensitive personal and health information stolen during a cyberattack on a U.S. medical transcription service earlier this year, representing one of the worst medical-related data breaches in recent times. The medical transcription company, Perry Johnson & Associates, or PJ&A, is a Henderson, Nevada-based company that provides transcription services to ...

  • Update now! Microsoft patches 3 actively exploited zero-days

    November 15, 2023

    Another important update round for this month’s Patch Tuesday. Microsoft has patched a total of 63 vulnerabilities in its operating systems. Five of these vulnerabilities qualify as zero-days, with three listed as being actively exploited. Microsoft considers a vulnerability to be a zero-day if it is publicly disclosed or actively exploited with no official fix available. ...