Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- China denies iPhone ban for officials but notes its ‘security incidents’
September 13, 2023
Just hours after Apple wrapped up its annual product launch for the hotly anticipated iPhone 15, the Chinese government denied reports that it had banned officials from using the smartphones — and then noted recent “security incidents” involving the devices. “China has not issued any legislation, regulations or policy documents prohibiting the purchase and use of ...
- Sri Lanka: Report called over cyberattack on government sites
September 13, 2023
The Ministry of Technology said an investigation was called into the cyberattack that transpired on the 26th of August 2023. The statement added that the cyberattack, which targeted email systems under the ‘gov.lk’ domain, resulted in substantial data loss and a disruption of communications within various state offices. It stated that the ICTA disclosed that this ...
- A peek into APT36’s updated arsenal
September 12, 2023
In July 2023, Zscaler ThreatLabz discovered new malicious activity perpetuated by the Pakistan-based advanced persistent threat group (APT36). APT36 is a sophisticated cyber threat group with a history of conducting targeted espionage operations in South Asia. Zscaler ThreatLabz observed APT36 targeting Indian government sectors using a previously undocumented Windows RAT, new cyber espionage utilities for ...
- New MidgeDropper Variant
September 12, 2023
One of the most exciting aspects of malware analysis is coming across a family that is new or rare to the reversing community. Determining the function of the malware, who created it, and the reasons behind it become a mystery to solve. The previously unseen dropper variant FortiGuard Labs researchers recently found, named MidgeDropper, has ...
- Redfly: Espionage Actors Continue to Target Critical Infrastructure
September 12, 2023
Espionage actors are continuing to mount attacks on critical national infrastructure (CNI) targets, a trend that has become a source of concern for governments and CNI organizations worldwide. Symantec’s Threat Hunter Team has found evidence that a threat actor group Symantec calls Redfly used the ShadowPad Trojan to compromise a national grid in an Asian ...
- Malware distributor Storm-0324 facilitates ransomware access
September 12, 2023
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool ...

