Fake Google Chrome and Safari updates for macOS are becoming increasingly common as a way of infecting Mac computers with the Atomic Stealer malware, sometimes referred to as AMOS. AMOS can steal passwords and confidential files saved on a Mac, and it reaches Mac owners as part of a social engineering effort. Because malware developers appear to be focusing their attention on Mac owners, users will need to remain vigilant and possibly use web protection solutions to protect themselves from malware that is spread through social engineering.
ClearFake is a campaign that uses hijacked WordPress websites to serve phony browser updates for Chrome and Safari. Malwarebytes, a security company, published details of the most recent version of Atomic Stealer, which is distributed to macOS users. The use of ClearFake to spread AMOS to macOS users was recently discovered by security researcher Ankit Anubhav.
The malware is distributed through hacked websites that closely resemble the download page for Google Chrome, as well as through a phony Safari update page that uses obsolete icons from previous versions of macOS. Despite those outdated icons, the rest of the Safari page design might still persuade some users to click and download the malware, and the phony Chrome download appears more believable.
After the user clicks the download button, a malicious .dmg file disguised as a browser installer is downloaded to the Mac. Once it has been downloaded and launched, the user is required to enter the administrator password. This password is then used to carry out malicious actions on the device, such as stealing passwords from Apple’s Keychain and stealing documents, photos, wallets, and other data from the user’s Desktop and Documents folders on macOS.
To stay safe from the infection, users should make sure they are using some type of online protection. One example is the Safe Browsing setting in Google Chrome, which may prevent some of these rogue websites from loading at all.
In the meantime, users should steer clear of downloading Chrome installers from websites they are not familiar with. These social engineering websites are designed to deceive people who may have difficulty determining whether a website is legitimate. A decent rule of thumb is to check that the address bar displays Google.com. As for Safari, Apple does not release Safari updates outside of operating system upgrades, so there are no official Safari downloads for customers to install.