Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts


Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.

Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.

ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • CISA Releases Update to Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

    September 6, 2023

    The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to a previously published Cybersecurity Advisory (CSA), Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. The CSA—originally released to warn network defenders of critical infrastructure organizations about threat actors exploiting CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler (formerly Citrix) Application Delivery ...

  • CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack

    September 6, 2023

    CISA has released actionable guidance for Federal Civilian Executive Branch (FCEB) agencies to help them evaluate and mitigate the risk of volumetric distributed denial-of-service (DDoS) attacks against their websites and related web services. The Capacity Enhancement Guide: Volumetric DDoS Against Web Services Technical Guidance: Helps agencies prioritize DDoS mitigations based on mission and reputational impact. Describes DDoS ...

  • Analyzing a Facebook Profile Stealer Written in Node.js

    September 5, 2023

    During previous analysis of a campaign involving a Facebook stealer, Trend Micro researchers discovered another interesting stealer. It was written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a command-and-control (C&C) server, and employed GraphQL as a channel for C&C communication. This blog entry investigates this new stealer ...

  • New Agent Tesla Variant Being Spread by Crafted Excel Document

    September 5, 2023

    FortiGuard Labs captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .Net-based Remote Access Trojan (RAT) and data stealer to gain initial access. It is often used for Malware-as-a-Service (MaaS). FortiGuard Labs researcher Xiaopeng Zhang performed an in-depth analysis of this campaign, from the initial phishing email to ...

  • CISA Releases Two Industrial Control Systems Advisories

    September 5, 2023

    CISA released two Industrial Control Systems (ICS) advisories on September 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-248-01 Fujitsu Limited Real-time Video Transmission Gear IP series Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • South Africa: Unprecedented cyber attacks target government entities

    September 5, 2023

    The incidence of spyware attacks has shown a significant surge of over 20% within South Africa with regard to 2023. The majority of these reported attacks have been concentrated on governmental websites and systems, thereby potentially engendering substantial instability to the national security framework of South Africa. The foundational principle of national security mandates that a ...