Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- BlackCat ransomware claims attack on European gas pipeline
August 1, 2022
The ALPHV ransomware gang, aka BlackCat, claimed responsibility for a cyberattack against Creos Luxembourg S.A. last week, a natural gas pipeline and electricity network operator in the central European country. Creos’ owner, Encevo, who operates as an energy supplier in five EU countries, announced on July 25 that they had suffered a cyberattack the previous weekend, ...
- Activists use torrents to spread uncensored news to Russian pirates
August 1, 2022
A team of Ukrainian cyber-activists has thought of a simple yet potentially effective way to spread uncensored information in Russia: bundling torrents with text and video files pretending to include installation instructions. Named “Torrents of Truth,” the initiative is similar to “Call Russia,” a project to help break through Russian propaganda and open people’s eyes to ...
- Russian Hackers Target U.S. HIMARS Maker in ‘New Type of Attack’
August 1, 2022
ussian hackers have launched “a new type of attack” on American military company Lockheed Martin, the maker of the M142 High Mobility Artillery Rocket System (HIMARS), the weapon the hackers believe is responsible for thousands of deaths in Ukraine, according to a pro-Moscow news website. The Kremlin-supporting Life website reported that the cyberattack by the Killnet ...
- Huge network of 11,000 fake investment sites targets Europe
July 31, 2022
Researchers have uncovered a gigantic network of more than 11,000 domains used to promote numerous fake investment schemes to users in Europe. The platforms show fabricated evidence of enrichment and falsified celebrity endorsements to create an image of legitimacy and lure in a larger number of victims. The goal of the operation is to trick users into ...
- Federal courts hit by “significant and sophisticated” cyberattack in 2020
July 28, 2022
The US federal court system was hit with a significant cyber breach in 2020, unrelated to the SolarWinds attack, that a US congressman on Thursday called “incredibly significant and sophisticated.” At a hearing of the House Judiciary Committee, chairman Jerrold Nadler, D-NY, noted that the Administrative Office of the Courts released a public statement about the ...
- LofyLife: malicious npm packages steal Discord tokens and bank card data
July 28, 2022
On July 26, using the internal automated system for monitoring open-source repositories, Kaspersky researchers identified four suspicious packages in the Node Package Manager (npm) repository. All these packages contained highly obfuscated malicious Python and JavaScript code. We dubbed this malicious campaign “LofyLife”. The Python malware is a modified version of an open-source token logger called Volt ...

