The article reports on a new macOS malware named FrigidStealer, which spreads through counterfeit browser update alerts that deceive users into bypassing macOS security measures. Research from Proofpoint reveals that the malware primarily extracts cookies, passwords, and sensitive files, including those related to cryptocurrency. The attackers, identified as TA2726 and TA2727, use legitimate websites to launch their scam campaigns. This tactic poses significant threats to personal and enterprise data security, so users need to recognize and avoid fake update notifications.
A new macOS malware called FrigidStealer spreads through fake browser update alerts, allowing attackers to steal sensitive data while bypassing macOS security measures.
The campaign embeds fake 'Update' buttons on legitimate websites, deceiving users into downloading malware that extracts sensitive data from their devices.
Two threat actors behind FrigidStealer, TA2726 and TA2727, utilize sophisticated tactics to distribute malware and evade security measures on macOS platforms.
Proofpoint's research emphasizes the critical nature of recognizing fake updates, as the malware targets both personal and enterprise data, potentially leading to severe data breaches.