Mac Attack: Sneaky SHAMOS Malware Targets Apple Users Globally!

CrowdStrike warns of a surge in attacks on macOS users by Cookie Spider using a variant of the Atomic macOS Stealer. The group lures victims with malvertising, leading them to fake help sites where they’re tricked into running malicious commands. This scheme bypasses security checks and pilfers sensitive data.

3P
Published: August 22, 2025 8:06 amAdded: August 22, 2025 at 1:36 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like Cookie Spider spun its web a little too wide this time, targeting macOS users with an appetite for stolen credentials. If only these hackers put as much effort into legitimate business as they did in creating malware, they could probably afford their own fancy MacBooks without having to pilfer ours!

Key Points:

  • Cybercrime group Cookie Spider is using AMOS malware-as-a-service to target macOS users.
  • Malvertising campaigns lead users to fraudulent sites, tricking them into running malicious commands.
  • The SHAMOS variant of the malware includes anti-VM checks and data exfiltration capabilities.
  • Victims span multiple countries, excluding Russia, with targets lured via fake ads.
  • Cybercriminals reportedly impersonated a legit Australian electronics store for their Google Ads profile.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?