Safari and Chrome need to be updated only from the browsers themselves
New malware called Atomic macOS Stealer (AMOS), released in early 2023, targets Apple users. Using the latest version of malware, attackers inject AMOS into fake updates for Safari and Chrome browsers for Mac.
AMOS is a powerful piece of malware that, once installed on a victim’s computer, can steal passwords, iCloud keychains, credit card numbers, crypto wallets, files, and more.
After discovering the first AMOS threats in March and April, security researchers at Malwarebytes discovered in September that Mac users were installing AMOS through fake Google search ads.
Fake Safari and Chrome updates for Mac contain malware that steals passwords and card data
Now, Malwarebytes reports that fake Safari and Chrome browser updates are now being used to install AMOS on victims’ Macs. The new AMOS approach is called ClearFake. Attackers use hacked websites to deliver fake Safari and Chrome updates.
Users are advised not to download software from unreliable or unknown sources – “update Safari directly from your Mac in system settings or Chrome directly from Google or the Chrome app.”
