Apple users have been warned after tech experts revealed a fake browser that can infect Apple computers with a malware that is able to hijack passwords and money.
Dubbed the ‘ClearFake’ scan, it’s been targeting Windows systems since July, however has recently started targeting Macs as well.
“The #Clearfake campaign which is abusing binance blockchain is not limited to Windows #malware.”
The scheme works by bombarding iPhone and Mac users with counterfeit Chrome updates that appear on compromised sites through Javascript injections.
When the user clicks on the prompt, their system in infected with Atomic Stealer, which is a malware system that can hijack passwords, photos, documents, and video files.
The system also has the ability to hack data from over 50 cryptocurrency extensions as well as keychain passwords. The information can then be used for various nefarious purposes including extortion and identity theft.
Experts have noted the malware is particularly insidious, camouflaging as both Safari and Chrome updates.
ClearFake’s existence has been known since April 2023, however it’s been reported to fly under the radar of 50% of antivirus engines.
To prevent the Atomic Stealer malware, experts suggest Mac users refrain from downloading browser updates from third party sites and pop-ups.
Safari browser updates are only distributed through macOS software updates.
The experts are also urging Apple users to strengthen security systems by downloading the latest antiviral software, but from a reputable site.
