Atomic Stealer distributed to Mac users via fake browser updates [Wednesday, November 22, 2023]

Atomic Stealer distributed to Mac users via fake browser updates [Wednesday, November 22, 2023]
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/ATTACK-REPORT-LOGO-2.png
Report

Atomic Stealer distributed to Mac users via fake browser updates

Description :
MalwareBytes reports that Atomic Stealer (a.k.a. AMOS) is now being delivered to Mac users via a fake browser update chain tracked as ‘ClearFake’.

Published :
2023-11-22T11:49:00.739Z

Created :
2023-11-22T11:49:00.739Z

Modified :
2023-11-22T11:58:13.649Z

Tags

  • clearfake
  • macos
  • atomic stealer
  • amos

Indicators

IPv4s :
  • 194.169.175.117
Domains :
  • longlakeweb.com
  • royaltrustrbc.com
  • chalomannoakhali.com
  • jaminzaidad.com
Hashes :
  • be634e786d5d01b91f46efd63e8d71f79b423bfb2d23459e5060a9532b4dcc7b
  • 4cb531bd83a1ebf4061c98f799cdc2922059aff1a49939d427054a556e89f464
Attacks Pattern :
  • T1036
  • T1059
  • T1041
External References :

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.