ClearFake Campaign Expands to Target Mac Systems with Atomic Stealer


The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake.

“This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only in terms of geolocation but also operating system,” Malwarebytes’ Jérôme Segura said in a Tuesday analysis.

Atomic Stealer (aka AMOS), first documented in April 2023, is a commercial stealer malware family that’s sold on a subscription basis for $1,000 per month. It comes with capabilities to siphon data from web browsers and cryptocurrency wallets.

Read more…