For more headlines like this, please subscribe to Afrihkanews.com
It’s like a cybernetic catfishing scheme.
Just when you thought it was safe to back on the laptop, tech-heads have revealed a fake browser update that infects Apple computers with a type of malware that hijacks passwords and money.
Dubbed the “ClearFake” scam, the cybernetic Trojan horse has been targeting Windows systems since July but just recently started targeting Mac users as well, according to a recent Malwarebytes report that confirmed its existence, Bleeping Computer reported.
“The #Clearfake campaign which is abusing binance blockchain is not limited to Windows #malware,” warned cyberthreat expert Ankit Anubhav in a Nov. 17 post.
This sinister cyber phishing scheme works by bombarding both phone and Macbook users with counterfeit Chrome updates that appear on compromised sites via Javascript injections.
When they click the prompt, their system is infected Atomic Stealer, a malware system that can pilfer passwords to important accounts, as well as photos, documents and video files.
If that weren’t sophisticated enough, this system has the ability to hack data from more than 50 cryptocurrency extensions, plus keychain passwords.
And while ClearFake’s existence has been known since April 2023, it reportedly flies under the radar of 50% of antivirus engines on cybersecurity site VirusTotal.
In order to prevent one’s computer from contracting Atomic Stealer malware, experts say Mac users should refrain from downloading browser updates from third-party sites and pop-ups.
As they point out, Safari browser updates are only distributed through macOS software updates.
Tech experts also urge Apple fans to strengthen their security systems by downloading the latest antiviral software — but only from a reputable site, of course.
Source: New York Post
蘋果用戶收到有關竊取密碼和金錢的虛假更新的警報
這就像一個控制論的釣魚計劃。
就在你認為可以安全地使用筆記型電腦時,技術負責人發現了一個虛假的瀏覽器更新,該更新會用一種劫持密碼和金錢的惡意軟體感染蘋果電腦。
根據《Bleeping Computer》報道,最近 Malwarebytes 的一份報告證實了這種被稱為「ClearFake」騙局的控制論特洛伊木馬自 7 月以來一直針對 Windows 系統,但最近才開始針對 Mac 用戶。
網路威脅專家 Ankit Anubhav 在 11 月 17 日的貼文中警告說:“濫用 Binance 區塊鏈的#Clearfake 活動不僅限於 Windows #惡意軟體。”
這個險惡的網路釣魚計畫的工作原理是透過 Javascript 注入出現在受感染網站上的假冒 Chrome 更新轟炸手機和 Macbook 用戶。
當他們點擊提示時,他們的系統就會被感染 Atomic Stealer,這是一種惡意軟體系統,可以竊取重要帳戶的密碼以及照片、文件和影片檔案。
如果這還不夠複雜,那麼該系統還能夠破解 50 多個加密貨幣擴充的資料以及鑰匙圈密碼。
儘管自 2023 年 4 月起 ClearFake 的存在就為人所知,但據報道,網路安全網站 VirusTotal 上 50% 的防毒引擎都沒有註意到它。
專家表示,為了防止電腦感染 Atomic Stealer 惡意軟體,Mac 用戶應避免從第三方網站和彈出視窗下載瀏覽器更新。
正如他們所指出的,Safari 瀏覽器更新僅透過 macOS 軟體更新進行分發。
技術專家也敦促蘋果粉絲透過下載最新的抗病毒軟體來加強他們的安全系統——當然,只能從信譽良好的網站下載。
Comments