Beware: New Mac Malware 'FrigidStealer' Tricks Users with Fake Browser Updates

Beware of the new Mac malware 'FrigidStealer' spreading through deceptive browser update prompts.

1 year ago

New Mac Malware 'FrigidStealer' Spreads Through Fake Browser Updates

Cybercriminals are increasingly using fake software updates to distribute malware, with a particular focus on Mac users. Researchers have identified two new threat actors, TA2726 and TA2727, who are deploying web inject campaigns to deliver harmful software, including the newly discovered macOS malware called FrigidStealer.

Key Points:

Threat Actors: TA2726 and TA2727 are employing fake browser update prompts to trick users into downloading malware.
FrigidStealer Malware: This new information-stealing malware targets macOS users, stealing browser cookies, cryptocurrency files, and Apple Notes.
Attack Method: The attack begins when a user visits a compromised website. They are redirected to a malicious domain and presented with fake update prompts. Clicking the 'Update' button downloads a harmful DMG file.
Data Exfiltration: Once installed, FrigidStealer uses AppleScript to collect sensitive data and sends it to a command-and-control server at askforupdate[.]org.
Protection Tips:
- Be cautious of unexpected software update prompts while browsing the web.
- Always verify updates through official websites or built-in app functions.
- Keep your security software up to date.