Mac Attack: Shamos Malware Strikes with ClickFix Trickery
Shamos, a new infostealer malware, is charming its way into Mac devices via ClickFix attacks. Users are fooled into running shell commands disguised as troubleshooting fixes, but instead of solving problems, they invite this cyber criminal to stay for dinner, steal their data, and leave with their cryptocurrency wallets.

Hot Take:
Apple fans, brace yourselves! Shamos, the infostealer malware, is targeting Mac devices with the subtlety of a bull in a china shop, all thanks to the devilishly deceptive tactics of ‘COOKIE SPIDER’. It’s like a bad episode of ‘MacGyver’ where the fix-it guide is the villain!

Key Points:
- Shamos is a new macOS-targeting malware, a variant of the Atomic macOS Stealer (AMOS).
- Developed by the cybercriminal group “COOKIE SPIDER,” it steals data from web browsers, Keychain items, Apple Notes, and cryptocurrency wallets.
- It is promoted through ClickFix attacks, in which victims are tricked via fake troubleshooting guides and malvertising.
- Shamos uses anti-VM commands and AppleScript for host reconnaissance, packaging stolen data into an ‘out.zip’ archive for transmission to attackers.
- To avoid infection, macOS users should steer clear of executing unknown online commands and rely on trusted sources like Apple Community forums for help.