Fake Safari and Chrome Updates Spreading AMOS Malware on Mac Systems


First detected in early 2023, the Atomic macOS Stealer (AMOS) malware has emerged as a significant concern. It specifically targets Apple users, deceiving them into installing it on their devices. Once installed, it can steal iCloud Keychain passwords, credit card details, files, and other sensitive information. In its latest evolution, AMOS is delivered to Mac users through deceptive Safari and Chrome update prompts.

Method of Injecting AMOS Malware into Mac Systems

Initial indications of AMOS threats surfaced in March and April. By September, security researchers from Malwarebytes revealed that Mac users had been tricked into installing AMOS through deceptive Google Search Ads. According to their recent findings, AMOS now reaches Mac systems through compromised websites that present fake Safari and Chrome updates, part of a deceptive browser update chain identified as “ClearFake.” This tactic was previously observed targeting Windows users as well. Recognizing fake updates and taking precautions against the AMOS threat on Macs is crucial.

Fake Chrome and Safari Updates

The counterfeit Safari update exhibits outdated Safari and iCloud icons, making it relatively noticeable for seasoned Apple users. However, newcomers to the Apple ecosystem might easily mistake it for the official update. Hence, caution is advised.

Conversely, the imitation Google Chrome update template is more convincing, closely resembling the authentic version.

Avoiding AMOS Malware on Macs

Avoiding the AMOS malware threat is entirely possible by following these steps:

1. Refrain from downloading software updates from unfamiliar or untrustworthy sources. Instead, update Safari exclusively through your Mac’s System Settings. For Chrome updates, rely solely on the Chrome app or Google’s official website.

2. Exercise caution if an application prompts you to bypass macOS Gatekeeper protections. It’s advisable to avoid such apps altogether.

3. When navigating new websites, verify their creation date and refrain from trusting random pop-ups, ads, or download prompts.
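As an added example (not part of the original article), steps 1 and 2 can be checked from Terminal by asking Gatekeeper to assess a downloaded "update" before opening it. The function names, the Team ID `ABCDE12345` and the sample output are constructed for illustration; substitute the Team ID of the vendor you expect.

```shell
#!/bin/bash
# Added example (not from the article): triage a downloaded "browser update".
# Function names and the Team ID used below are hypothetical/constructed.

# Read `spctl --assess -vv` output on stdin. Print ALLOW only if Gatekeeper
# accepted the item, it is notarized, and the signer's Team ID is the expected one.
verdict_from_spctl() {
  local team="$1" out
  out="$(cat)"
  printf '%s\n' "$out" | grep -q ': accepted$' ||
    { echo "BLOCK: rejected by Gatekeeper"; return 1; }
  printf '%s\n' "$out" | grep -q '^source=Notarized Developer ID$' ||
    { echo "BLOCK: not notarized"; return 1; }
  # Match the Team ID on the origin line only, never in the file path.
  printf '%s\n' "$out" | grep '^origin=' | grep -Fq "($team)" ||
    { echo "BLOCK: unexpected signer"; return 1; }
  echo "ALLOW"
}

# Run the real Gatekeeper assessment (macOS only) and classify the result.
check_download() {
  local path="$1" team="$2"
  # Files saved by a browser carry this attribute; print it if present.
  xattr -p com.apple.quarantine "$path" 2>/dev/null ||
    echo "note: no quarantine attribute on $path"
  # spctl writes its assessment to stderr, hence 2>&1.
  case "$path" in
    *.app) spctl --assess --type execute -vv "$path" 2>&1 ;;
    *.pkg) spctl --assess --type install -vv "$path" 2>&1 ;;
    *)     spctl --assess --type open --context context:primary-signature -vv "$path" 2>&1 ;;
  esac | verdict_from_spctl "$team"
}

# Constructed sample of what spctl prints for an unsigned disk image.
SAMPLE_REJECTED='/tmp/Update.dmg: rejected
source=no usable signature'

if [ "$#" -eq 2 ] && command -v spctl >/dev/null 2>&1; then
  check_download "$1" "$2"   # usage: ./triage.sh ~/Downloads/Update.dmg TEAMID
else
  # Off macOS or without arguments: classify the constructed sample instead.
  printf '%s\n' "$SAMPLE_REJECTED" | verdict_from_spctl ABCDE12345 || true
fi
```

A BLOCK verdict means the file should be deleted rather than opened via a right-click or any other Gatekeeper override.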

