• Telecommunications
• Credentials In Files
• Match Legitimate Name Or Location
• United States
• Spearphishing Link
• Amos
• Spectrum
• Sudo And Sudo Caching
• North America
• Unix Shell
• Ingress Tool Transfer
• Disable Or Modify Tools

New Clickfix Infostealer Campaign Targets macOS Users

Cybersecurity researchers have identified a new malware campaign that uses social engineering tactics to distribute an information stealer known as Atomic macOS Stealer (AMOS) targeting Apple macOS systems. The campaign employs typosquatting domains that mimic the U.S.-based telecom provider Spectrum, tricking users into executing a malicious shell script that steals system passwords and downloads the AMOS variant. The attack begins on a fake webpage that prompts users to complete a CAPTCHA verification, ultimately leading them to execute harmful commands under the guise of fixing a non-existent issue. The campaign is believed to be orchestrated by Russian-speaking cybercriminals, as indicated by the presence of Russian language comments in the malware's code.