Bad actors are impersonating Chrome and Safari browser update websites to attack users using macOS.
According to Gadget360, fake updates of Google Chrome and Safari browsers are being used to infect many macOS users with Atomic Stealer (also known as AMOS) malware.
The new wave of attacks has been discovered by security company Malwarebytes. According to researcher Ankit Anubhav, the malicious campaign is being spread by hackers through ClearFake, which is known as a method of using hacked WordPress websites and changing their interface, thereby luring hackers. victims download fake browser updates.
To make users less suspicious, the hacked websites were designed with an interface very similar to Google’s Chrome browser download page, while the website for Safari was disguised with an outdated icon of the browser.
When a user clicks the Download button, a malicious .dmg file disguised as a web browser installer is downloaded to the Mac computer. When opening the file, the user will be asked to enter the administrative password to execute malicious commands on the device, including stealing passwords from Keychain, documents, images, digital wallets, and many other data. user’s computer and other data from the macOS.
In the face of increasingly sophisticated attacks, to protect themselves from malware, users should use some form of protection when surfing the web – such as Google Chrome’s built-in Safe Browsing setting. In addition, you should also avoid downloading installers from unknown websites, the first rule is to check the address bar to see if you are accessing the correct google.com domain.
Besides, Apple also does not distribute Safari updates through the website, new versions of the browser are always integrated in operating system updates. So, ignore any requests to update Safari that appear on the web.