Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- A cryptor, a stealer and a banking trojan
September 28, 2023
Last month Kaspersky researchers covered a wide range of cybercrime topics. For example, Kaspersky published a private report on a new malware found on underground forums that they call ASMCrypt (related to the DoubleFinger loader). But there’s more going on in the cybercrime landscape, so the researchers also published reports on new versions of the Lumma ...
- phpPgAdmin deserialization vulnerability
September 28, 2023
phpPgAdmin is an open-source, web-based administration tool for managing PostgreSQL, an advanced, enterprise-class, and open-source relational database system. phpPgAdmin is written in PHP and provides a user-friendly interface that allows users to perform various database management tasks. Users can create, modify, and delete databases, tables, and records through this interface, making it a valuable tool ...
- Indian Cyber Force Claims Responsibility for Cyber Attacks on Canadian Websites
September 28, 2023
A group of pro-India hackers on Wednesday claimed responsibility for bringing down the website of the Canadian Armed Forces for two hours. Following a diplomatic winter between India and Canada, the group, which identifies itself as Indian Cyber Force, warned of launching cyber attacks on Canadian websites on September 21. In the last few days, the ...
- Edinburgh Trams website offline following ‘cyber- attack’
September 28, 2023
An Edinburgh transport website has been taken offline after a “cyber attack”. Edinburgh Trams said on Thursday it was the victim of a “cyber crime” which has affected its website. Threat intelligence platform FalconFeeds said that international ransomware group NoName was behind the attack, and also targeted Swiftcard and Mersey Ferries Limited. Read more… Source: STV News
- Russia: Leonardo’s air booking system resumes after cyberattack
September 28, 2023
Russian state conglomerate Rostec said on Thursday it had restored normal operations at its Leonardo air booking system following what it called a “massive cyberattack from abroad”. “The cyberattack has been successfully repelled,” Rostec said in a statement. It described the incident as a Distributed Denial-of-Service (DDoS) Attack”, in which the attacker floods a server with ...
- QR codes in email phishing
September 27, 2023
QR codes are everywhere: you can see them on posters and leaflets, ATM screens, price tags and merchandise, historical buildings and monuments. People use them to share information, promote various online resources, pay for their goodies, and pass verification. And yet you don’t see lots of QR codes in email: users often read messages on ...

