Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.
Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.
ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hackers scan for vulnerable devices minutes after bug disclosure
May 19, 2021
Every hour, a threat actor starts a new scan on the public web for vulnerable systems, moving at a quicker pace than global enterprises when trying to identify serious vulnerabilities on their networks. The adversaries’ efforts increase significantly when critical vulnerabilities emerge, with new internet-wide scans happening within minutes from the disclosure. Read more… Source: Bleeping Computer
- Qlocker ransomware shuts down after extorting hundreds of QNAP users
May 19, 2021
The Qlocker ransomware gang has shut down their operation after earning $350,000 in a month by exploiting vulnerabilities in QNAP NAS devices. Starting on April 19th, QNAP NAS device owners worldwide suddenly discovered that their device’s files were replaced by password-protected 7-zip archives. Read more… Source: Bleeping Computer
- Stalkerware Apps Riddled with Security Bugs
May 18, 2021
Android stalkerware apps – used to surreptitiously track people’s movements and digital activities – turn out to themselves be rife with security holes that put victims in even danger. Stalkerware can track the GPS location of a victim’s device, record conversations, capture images and snoop on browser histories. And overall, according to ESET researcher Lukas Stefanko, ...
- Ireland: ‘Wizard Spider’ cybercrime gang claim Health Service Executive attack
May 18, 2021
Hackers known as Wizard Spider are spinning a web of chaos since it launched a ransomware attack on the Health Service Executive last week. The Russian hackers have claimed responsibility for the most serious ever cyberattack on Ireland’s critical infrastructure. The group, who are seeking ransom of up to €20 million in cryptocurrency, are not motivated by ...
- DarkSide Hits Toshiba; XSS Forum Bans Ransomware
May 17, 2021
For a ransomware gang whose servers were purportedly commandeered last week, DarkSide has had a server-fueled weekend, with a reported hit on Toshiba Business. Late on Thursday night came a post to the “Exploit” underground forum that looked, at least, to be from DarkSide. It described how the gang’s blog, payment processing and denial-of-service (DoS) servers ...
- ‘We won’t pay ransom,’ says Ireland after attack on health service
May 17, 2021
Ireland’s Health Service Executive (HSE) has ruled out giving in to hackers’ demands as the country’s healthcare and social services continue to deal with the disruption caused by a significant ransomware attack that occurred a few days ago. The HSE has now confirmed that a ransom has been sought by the attackers, although the exact amount ...

