Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Android apps with 45 million installs used data harvesting SDK
April 7, 2022
Mobile malware analysts warn about a set of applications available on the Google Play Store, which collected sensitive user data from over 45 million installs of the apps. The apps collected this data through a third-party SDK that includes the ability to capture clipboard content, GPS data, email addresses, phone numbers, and even the user’s modem ...
- Demand for cyber threat intel growing, White House official says
April 6, 2022
Private sector companies are increasingly asking the federal government for cyber threat intelligence as they seek to shore up their defenses against growing online threats, a White House cyber official told lawmakers on Wednesday. Robert Knake, a U.S. official in charge of budget and policy at the White House’s Office of the National Cyber Director, told ...
- Conti gang is still in business, despite its own massive data leak
April 6, 2022
The Conti ransomware gang is still actively running campaigns against victims around the world, despite the inner workings of the group being revealed by data leaks. One of the most prolific ransomware groups of the last year, Conti has encrypted networks of hospitals, businesses, government agencies and more – in many cases, receiving a significant ransom ...
- Palo Alto Networks firewalls, VPNs vulnerable to OpenSSL bug
April 6, 2022
American cybersecurity company Palo Alto Networks warned customers on Wednesday that some of its firewall, VPN, and XDR products are vulnerable to a high severity OpenSSL infinite loop bug disclosed three weeks ago. Threat actors can exploit this security vulnerability (tracked as CVE-2022-0778) to trigger a denial of service state and remotely crash devices running unpatched ...
- Denonia malware targets AWS Lambda environments
April 6, 2022
A new malware variant that targets AWS Lambda has been discovered. On Wednesday, researchers from Cado Security published their findings on Denonia, malware currently being used in targeted attacks against Lambda. Lambda is a scalable compute service offered by Amazon Web Services (AWS) for running code, server and OS maintenance, capacity provisioning, logging, and operating numerous backend ...
- Cicada: Chinese APT Group Widens Targeting in Recent Espionage Activity
April 5, 2022
A Chinese state-backed advanced persistent threat (APT) group is attacking organizations around the globe in a likely espionage campaign that has been ongoing for several months. Victims in this Cicada (aka APT10) campaign include government, legal, religious, and non-governmental organizations (NGOs) in multiple countries around the world, including in Europe, Asia, and North America. The wide ...

