Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts


Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.

Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.

ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • CISA: Implement Cybersecurity Measures Now to Protect Against Potential Critical Threats

    January 18, 2022

    Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies, non-profits, and other organizations, large and small, across multiple sectors of the economy. Most recently, public and private entities in Ukraine ...

  • New Ransomware Spotted: White Rabbit and Its Evasion Tactics

    January 18, 2022

    Thrend Micro researchers spotted the new ransomware family White Rabbit discretely making a name for itself by executing an attack on a local US bank in December 2021. This newcomer takes a page from Egregor, a more established ransomware family, in hiding its malicious activity and carries a potential connection to the advanced persistent threat ...

  • DHL, Microsoft, WhatsApp top phishing list of most imitated brands

    January 17, 2022

    DHL took over the top spot of Check Point Research’s list of the most imitated brands among cybercriminals this year, surpassing Microsoft and Google as the brand used most often in phishing emails and scams. The company’s Q4 Brand Phishing Report for 2021 ranks the top 10 most imitated brands in October, November and December. Researchers ...

  • Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques

    January 17, 2022

    Since mid-2021, Trend Micro researchers have been investigating a rather elusive threat actor called Earth Lusca that targets organizations globally via a campaign that uses traditional social engineering techniques such as spear phishing and watering holes. The group’s primary motivation seems to be cyberespionage: the list of its victims includes high value targets such as ...

  • Cyber espionage campaign targets renewable energy companies

    January 17, 2022

    A large-scale cyber-espionage campaign targeting primarily renewable energy and industrial technology organizations have been discovered to be active since at least 2019, targeting over fifteen entities worldwide. The campaign was discovered by security researcher William Thomas, a Curated Intelligence trust group member, who employed OSINT (open-source intelligence) techniques like DNS scans and public sandbox submissions. Thomas’ analysis ...

  • Technology developed to track spread of coronavirus could be abused, privacy campaigner warns

    January 16, 2022

    A medical privacy campaigner says technology developed to track the spread of COVID-19 is a new form of surveillance that could be abused. Phil Booth, coordinator at MedConfidential, warned that increased monitoring of wastewater from sinks, drains and toilets, which can reveal infections and drug use, needs to be properly regulated. “The concerns will be raised more ...