Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- FBI: BlackCat/ALPHV Ransomware Indicators of Compromise
April 20, 2022
This FLASH is part of a series of FBI reports to disseminate known indicators of compromise (IOCs) and tactics, techniques and procedures (TTPs) associated with ransomware variants identified through FBI investigations. As of March 2022, BlackCat/ALPHV ransomware as a service (RaaS) had compromised at least 60 entities worldwide and is the first ransomware group to do ...
- Ransomware gangs are getting a lot quicker at encrypting networks
April 20, 2022
A highly successful and aggressive ransomware gang is getting even faster at encrypting networks as they look to extort ransom payments from as many victims as possible. Researchers at Mandiant examined ransomware attacks by a cyber-criminal group they refer to as FIN12 – responsible for one in five attacks investigated by the cybersecurity company – and ...
- Five Eyes nations fear wave of Russian attacks against critical infrastructure
April 20, 2022
The Five Eyes nations’ cybersecurity agencies this week urged critical infrastructure to be ready for attacks by crews backed by or sympathetic to the Kremlin amid strong Western opposition to Russia’s invasion of Ukraine. The joint alert, issued by cybersecurity authorities in the US, UK, Australia, Canada and New Zealand, provides technical details on more than ...
- Lenovo patches UEFI firmware vulnerabilities impacting millions of users
April 19, 2022
Lenovo has patched a trio of bugs that could be abused to perform UEFI attacks. Discovered by ESET researcher Martin Smolár, the vulnerabilities, assigned as CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, could be exploited to “deploy and successfully execute UEFI malware either in the form of SPI flash implants like LoJax or ESP implants like ESPecter” in the ...
- AWS’s Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation
April 19, 2022
ollowing Log4Shell, AWS released several hot patch solutions that monitor for vulnerable Java applications and Java containers and patch them on the fly. Each solution suits a different environment, covering standalone servers, Kubernetes clusters, Elastic Container Service (ECS) clusters and Fargate. The hot patches aren’t exclusive to AWS environments and can be installed onto any ...
- Critically Underrated: Studying the Data Distribution Service (DDS) Protocol
April 19, 2022
Despite being unknown even to industry practitioners, the Data Distribution Service (DDS) protocol has been in use for more than a decade. This middleware software technology is responsible for running billions of public and private devices and mechanisms currently in use. DDS is integral in embedded systems that require real-time machine-to-machine communication, facilitating a reliable ...

