LEGALAUDIT

Betrugsradar

Wie erkennen Sie New macOS ClickFix Attack Silently Mounts DMGs to Push AMOS Infostealer?

Veröffentlicht am

Kurzfassung

A new macOS ClickFix campaign tricks users into running malicious Terminal commands from a fake CAPTCHA page, silently downloading and mounting a DMG that installs the Atomic macOS Stealer (AMOS). The stealer harvests browser credentials,...

Wie es funktioniert

A new macOS ClickFix campaign tricks users into running malicious Terminal commands from a fake CAPTCHA page, silently downloading and mounting a DMG that installs the Atomic macOS Stealer (AMOS). The stealer harvests browser credentials,...

Warnzeichen

  • : A website asks you to open Terminal and paste a command to "verify" yourself DMG files silently mount without appearing in Finder or on the desktop Fake System Settings prompts requesting your password right after running unknown commands

Was tun

  1. 1: Never paste commands into Terminal from web pages, even when they look like CAPTCHAs Keep macOS updated and run reputable endpoint protection
  2. 2block unsigned DMG launches via MDM where possible Use a dedicated password manager and hardware wallet
  3. 3revoke browser sessions and rotate credentials immediately if you executed such a command

Quelle

bleepingcomputer

Quelle geprueft vom Mythos Forensic Team

https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-silently-mounts-dmgs-to-push-infostealer/

FAQ

Ist New macOS ClickFix Attack Silently Mounts DMGs to Push AMOS Infostealer ein reales Betrugsmuster?

Ja. Behandeln Sie Nachricht, Anruf oder Zahlungsaufforderung als verdaechtig, bis ein offizieller Kanal sie bestaetigt.

Was sind die ersten Warnzeichen?

: A website asks you to open Terminal and paste a command to "verify" yourself DMG files silently mount without appearing in Finder or on the desktop Fake System Settings prompts requesting your password right after running unknown commands

Was sollte ich zuerst tun?

: Never paste commands into Terminal from web pages, even when they look like CAPTCHAs Keep macOS updated and run reputable endpoint protection; block unsigned DMG launches via MDM where possible Use a dedicated password manager and hardware wallet; revoke browser sessions and rotate credentials immediately if you executed such a command

Kann LegalAudit meinen Fall pruefen?

Ja. Starten Sie den kostenlosen Chat und fuegen Sie Nachricht, Link, Absender oder Zahlungsdaten ein.