Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts


Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.

Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.

ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • CISA Releases Four Industrial Control Systems Advisories

    August 31, 2023

    CISA released four Industrial Control Systems (ICS) advisories on August 31, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-243-01 ARDEREG Sistemas SCADA ICSA-23-243-02 GE Digital CIMPLICITY Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • CISA and International Partners Release Malware Analysis Report on Infamous Chisel Mobile Malware

    August 31, 2023

    Today, the United Kingdom’s National Cyber Security Centre (NCSC-UK), the United States’ Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI), New Zealand’s National Cyber Security Centre (NCSC-NZ), the Canadian Centre for Cyber Security (CCCS), and the Australian Signals Directorate (ASD) published a joint Malware Analysis Report (MAR), ...

  • SapphireStealer: Open-source information stealer enables credential and data theft

    August 31, 2023

    SapphireStealer, an open-source information stealer, has been observed across public malware repositories with increasing frequency since its initial public release in December 2022. Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate credentials, which are often resold to other threat actors who leverage the access for additional attacks, including operations related ...

  • New hierarchy, heightened threat: Classiscam’s sustained global campaign

    August 31, 2023

    Classiscam was initially launched as a relatively straightforward scam operation. Cybercriminals created fake ads on marketplaces and classified sites, and leveraged social engineering techniques to trick users into “buying” the falsely-advertised goods or services, whether by transferring money directly to the scammers or by debiting money from the victim’s bank card. Over time, Classiscam schemes have ...

  • Secret Selfies: Can Phones Take Pictures and Videos of You Without Your Knowledge?

    August 31, 2023

    It’s a longstanding question: can your phone really take selfies without your knowledge? The answer is yes, but with a pretty big asterisk next to it. And that asterisk is known as spyware. Spyware can use your phone for snooping in several ways, including using your camera to take pictures and videos. What exactly is spyware? ...

  • CISA and FBI Publish Joint Advisory on QakBot Infrastructure

    August 30, 2023

    Today, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Identification and Disruption of QakBot Infrastructure, to help organizations detect and protect against newly identified QakBot-related activity and malware. QakBot—also known as Qbot, Quackbot, Pinkslipbot, and TA570—is responsible for thousands of malware infections globally. Originally used ...