CyberSecurityBoard
Sponsor Register Login

Fake Mac fixes trick users into installing new Shamos infostealer

A new phishing campaign is targeting Mac users by distributing fake Mac fixes that trick victims into installing the Shamos infostealer malware. This campaign exploits users' trust in legitimate software updates by masquerading as genuine Mac system patches. Once installed, the Shamos infostealer collects sensitive information from the infected devices, including credentials and personal data, posing a significant threat to user privacy and security. The malware's distribution through deceptive updates highlights the increasing sophistication of cybercriminals in targeting Apple users. Users are advised to only download updates from official sources and remain vigilant against unsolicited prompts to install software. This incident underscores the importance of cybersecurity awareness and the need for robust endpoint protection on all platforms, including macOS.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 22 Aug 2025 15:45:20 +0000


Cyber News related to Fake Mac fixes trick users into installing new Shamos infostealer

Fake Mac fixes trick users into installing new Shamos infostealer - A new phishing campaign is targeting Mac users by distributing fake Mac fixes that trick victims into installing the Shamos infostealer malware. This campaign exploits users' trust in legitimate software updates by masquerading as genuine Mac system ...
4 months ago Bleepingcomputer.com
New Shamos Malware Attacking macOS: What You Need to Know - The cybersecurity landscape has witnessed the emergence of a new malware strain named Shamos, specifically targeting macOS systems. This sophisticated malware exploits vulnerabilities in macOS to infiltrate devices, steal sensitive data, and maintain ...
4 months ago Cybersecuritynews.com
12 Essential Steps Mac Users Need To Take At Year End - As the year comes to a close, Mac users should take these steps to ensure their device's security, performance and organization. Here are the year-end steps you should take to ensure your Mac is ready for 2024. After ensuring your Mac's files are ...
2 years ago Techrepublic.com
Deploy Anti-Infostealer Defenses to Protect Sensitive Data - In today's digital landscape, the threat of infostealer malware is escalating, posing significant risks to sensitive data across organizations. Infostealers are malicious programs designed to extract confidential information such as credentials, ...
2 months ago Infosecurity-magazine.com FIN7 Lazarus Group
New FrigidStealer infostealer infects Macs via fake browser updates - Windows users get an MSI installer that loads Lumma Stealer or DeerStealer, Mac users receive a DMG file that installs the new FrigidStealer malware, and Android users receive an APK file that contains the Marcher banking trojan. FakeUpdate ...
10 months ago Bleepingcomputer.com
Fake IT support sites push malicious PowerShell scripts as Windows fixes - First discovered by eSentire's Threat Response Unit, the fake support sites are promoted through YouTube channels that have been compromised and hijacked to add legitimacy to the content creator. In particular, the threat actors are creating fake ...
1 year ago Bleepingcomputer.com
Fake browser updates spread updated WarmCookie malware - The latest campaign was discovered by researchers at Gen Threat Labs, who observed the WarmCookie backdoor being distributed as fake Google Chrome, Mozilla Firefox, Microsoft Edge, and Java updates. FakeUpdate is a cyberattack strategy used by a ...
1 year ago Bleepingcomputer.com
Ukrainian Raccoon Infostealer Operator Extradited to US - A Ukrainian national charged with operating the Raccoon Infostealer malware-as-a-service has made an appearance in a US court after being extradited from the Netherlands. The man, Mark Sokolovsky, 28, was arrested in March 2022, after the FBI and law ...
1 year ago Securityweek.com
New Clearfake Variant Leverages Fake reCAPTCHA To Trick Users Deliver Malicious PowerShell Code - The infection flow begins with injected JavaScript on compromised websites, which retrieves malicious code from blockchain smart contracts, ultimately leading to the display of fake security challenges. The latest variant, discovered in December ...
9 months ago Cybersecuritynews.com
Fake Browser Updates Targeting Mac Systems With Infostealer - A widely popular social engineering campaign previously only targeting Windows systems has expanded and is now using fake browser updates to distribute Atomic Stealer, a dangerous information stealer, to macOS systems. Experts say this could be the ...
2 years ago Darkreading.com
How Kasada Counters Toll Fraud and Fake Account Creation for Enterprises - Toll fraud and fake account creation are two advanced threats that bad actors employ for massive profit. Fake Account Creation is committed by a wide range of attackers, through automating the generation of new user accounts en masse, which then get ...
2 years ago Securityboulevard.com
Windows 10 KB5035845 update released with 9 new changes, fixes - Microsoft has released the KB5035845 cumulative update for Windows 10 21H2 and Windows 10 22H2, which includes nine new changes and fixes. After installing this mandatory Windows 10 cumulative update, the March 2024 Patch Tuesday security updates ...
1 year ago Bleepingcomputer.com
Lumma Infostealer Malware Attacks Users: What You Need to Know - Lumma Infostealer is a newly identified malware targeting users worldwide, designed to steal sensitive information such as login credentials, financial data, and personal details. This malware operates stealthily, infiltrating systems through ...
2 months ago Cybersecuritynews.com
Sophisticated Booking.com Scam Targeting Guests with Vidar Infostealer - The 'How To' guide for targeting Booking.com customers is being offered for sale on the dark web, as well as on underground cybercrime forums, including Russian-speaking platforms such as XSS.IS. Cybersecurity firm Secureworks is alerting Booking.com ...
2 years ago Hackread.com
iClicker hack targeted students with malware via fake CAPTCHA - The website of iClicker, a popular student engagement platform, was compromised in a ClickFix attack that used a fake CAPTCHA prompt to trick students and instructors into installing malware on their devices. According to a security alert from the ...
8 months ago Bleepingcomputer.com
GrassCall scam drains crypto wallets through fake web3 job interviews - A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious "GrassCall" meeting app that installs information-stealing malware to steal cryptocurrency wallets. Users are tricked into ...
10 months ago Bleepingcomputer.com
GrassCall malware campaign drains crypto wallets via fake job interviews - A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious "GrassCall" meeting app that installs information-stealing malware to steal cryptocurrency wallets. Users are tricked into ...
10 months ago Bleepingcomputer.com
Oracle’s First Security Update for 2023 Includes 327 New Patches - Oracle has released its first security update of 2023, delivering 327 new security fixes and patching a range of critical vulnerabilities. This update covers products spanning across Oracle’s Cloud portfolio, Fusion Middleware, Hyperion, E-Business ...
2 years ago Securityweek.com
Hackers steal Discord accounts with RedTIGER-based infostealer - Cybercriminals have been actively stealing Discord accounts using a sophisticated infostealer based on the RedTIGER malware. This new threat targets users by harvesting sensitive information, including login credentials and authentication tokens, ...
2 months ago Bleepingcomputer.com
Fake app impersonating LastPass spotted in Apple's App Store The Register - LastPass says a rogue application impersonating its popular password manager made it past Apple's gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install. A screenshot of the fake LastPass app in the Apple App ...
1 year ago Go.theregister.com
Pig Butchering: Fake Trading Apps Target Crypto on Apple, Google Play Stores - Pig Butchering scam targets crypto users with fake trading apps on Apple and Google Play Stores. These apps, found on Apple’s App Store and Google Play, and on phishing sites, are part of a Pig Butchering scam targeting cryptocurrency investors ...
1 year ago Hackread.com
Fake LastPass password manager spotted on Apple's App Store - LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users' credentials. The fake app uses a similar name to the genuine app, a similar icon, and a red-themed interface ...
1 year ago Bleepingcomputer.com
ClickFake Interview - Lazarus Hackers Exploit Windows & macOS Users Fake Job Campaign - The ClickFake Interview campaign builds upon the tactics of Contagious Interview, which targeted software developers via fake job interviews conducted on platforms like LinkedIn or X (formerly Twitter). The Lazarus Group, a North Korean ...
9 months ago Cybersecuritynews.com Lazarus Group
Fake AI video generators drop new Noodlophile infostealer malware - Noodlophile is a new information stealer malware that targets data stored on web browsers like account credentials, session cookies, tokens, and cryptocurrency wallet files. Previously undocumented in public malware trackers or reports, this stealer ...
8 months ago Bleepingcomputer.com
Windows 10 KB5037849 update released with 9 changes or fixes - Microsoft has released the optional KB5037849 Preview cumulative update for Windows 10 22H2 with nine fixes or changes. This release is primarily a maintenance release, fixing numerous bugs causing crashes or network connection issues. Microsoft ...
1 year ago Bleepingcomputer.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)