Security News > 2023 > September > MacOS malware has a new trick up its sleeve
A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system's Gatekeeper, Malwarebytes researchers have discovered.
"Criminals who buy the toolkit have been distributing it mostly via cracked software downloads but are also impersonating legitimate websites and using ads on search engines such as Google to lure victims in," says Malwarebytes researcher Jérôme Segura.
The page has three download buttons: the Windows and Linux one trigger the download of a RAT from Discord, and the macOS one downloads the Atomic Stealer from a third-party site.
The downloaded macOS stealer instructs users on how to open the file.
In the last year or so, cybercriminals have increased their reliance on Google Search ads as a way to lead users to legitimate-looking websites and trick them into downloading malware.
Users should exercise caution when downloading apps or programs, especially when searching for them via Google.
News URL
https://www.helpnetsecurity.com/2023/09/07/macos-malware-bypass-gatekeeper/
Related news
- macOS HM Surf vuln might already be under exploit by major malware family (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- New RustyAttr Malware Targets macOS Through Extended Attribute Abuse (source)