Subj : This dangerous new Mac malware is being spread by Google Ads
To   : All
From : TechnologyDaily
Date : Fri Jun 28 2024 15:15:05

This dangerous new Mac malware is being spread by Google Ads

Date:
Fri, 28 Jun 2024 14:11:00 +0000

Description:
A new version of AMOS is targeting macOS users looking for the new Arc 
browser.

FULL STORY
======================================================================

Hackers are running malicious Google Ads campaigns targeting victims 
interested in the new Arc browser, with the aim of installing 
information-stealing malware on their Mac devices. 

Cybersecurity researchers from Malwarebytes spotted a new campaign on the 
Google Ads network, seemingly promoting the new (and quite popular) Arc 
browser . 

The campaign belongs to Coles & Co and is linking to the domain name 
archost[.]org. However, people who click on the link are redirected to 
arc-download[.]com, a completely fraudulent site offering Arc for Mac only. 
PR move 

On the surface, the downloaded DMG file behaves just as a legitimate file 
would, except for the right-click to open trick which bypasses security 
protections. 

What the victims actually end up with is Poseidon, a variant of Atomic 
Stealer (AMOS), a known infostealer capable of extracting all kinds of 
information from the target devices, from sensitive files, to cryptocurrency 
wallet data, to stored passwords, to browser data. 

There seems to be plenty of code overlapping between AMOS and Poseidon, but 
its creator - a person with the alias Rodrigo4 - said they needed a unique 
brand to be better recognized in the underground community. 

In simple words, people didnt know who we were, the developer said in a 
recent post. 

Since the Google Ads network can show ads at the top of search engine results 
pages, being able to push malware through increases its chances for success 
dramatically. 

To run a malvertising campaign, threat actors steal peoples Google business 
accounts, verified for running advertising campaigns and having a linked 
credit card for payments. Then, they create an ad campaign which promotes 
fraudulent websites on the top of search engine results pages. Recently, 
cybersecurity experts started warning users to be careful when searching for 
things, and to type in known addresses instead of simply googling them. More 
from TechRadar Pro Mac users are being targeted with fake browser updates 
that spread malware Here's a list of the best firewalls today These are the 
best endpoint protection tools right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/this-dangerous-new-mac-malware-is-being
-spread-by-google-ads


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.