MacOS malware has a new trick up its sleeve

A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system's Gatekeeper, Malwarebytes researchers have discovered.
"Criminals who buy the toolkit have been distributing it mostly via cracked software downloads but are also impersonating legitimate websites and using ads on search engines such as Google to lure victims in," says Malwarebytes researcher Jérôme Segura.
The page has three download buttons: the Windows and Linux ones trigger the download of a RAT from Discord, and the macOS one downloads the Atomic Stealer from a third-party site.
The downloaded macOS stealer instructs users on how to open the file.
In the last year or so, cybercriminals have increased their reliance on Google Search ads as a way to lead users to legitimate-looking websites and trick them into downloading malware.
Users should exercise caution when downloading apps or programs, especially when searching for them via Google.
News URL
https://www.helpnetsecurity.com/2023/09/07/macos-malware-bypass-gatekeeper/
Related news
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- XCSSET macOS malware returns with first new version since 2022 (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)
- The XCSSET info-stealing malware is back, targeting macOS users and devs (source)
- New FrigidStealer Malware Targets macOS Users via Fake Browser Updates (source)