Fake Safari and Chrome Updates Infecting Macs with AMOS Malware

A powerful malware called Atomic macOS Stealer (AMOS) was first noticed in early 2023 and has become a growing threat. It is a powerful piece of malware that targets Apple users and tricks them into installing the software on their machines. Once installed, it can steal iCloud Keychain Passwords, credit card information, files and more. And now, in the latest version, AMOS is delivered to Mac users via fake Safari and Chrome updates.

How AMOS Malware is Injected into Macs

The first signs of AMOS threats were reported in March and April. In September, security researchers at Malwarebytes announced discovers that Mac users were tricked into installing AMOS via fake Google search ads. Now Malwarebytes reports that AMOS is injected into Macs via compromised websites to deliver fake Safari and Chrome updates. This fake browser update chain is labeled as “ClearFake” and has previously been seen against Windows as well. Let’s see how to spot fake updates and avoid the AMOS threat on Macs.

See also  Omegle Shuts Down After Over a Decade; Here's Why!

Fake Safari and Chrome updates

Here is a fake Safari update that mimics the official website. It is quite easy for Apple users to recognize it as there are outdated Safari and iCloud icons. However, if someone is new to the Apple ecosystem, it will be easier for them to fall into it. So be careful.

Fake Safari update on Mac to inject AMOS

Below is a more convincing update template for Google Chrome that is very similar to the authentic one.

Fake Chrome updates on Mac to inject AMOS
See also  How to Change the Default Browser on Your Mac (2022)

How to avoid AMOS malware on Macs

Although the AMOS malware is a threat, the good news is that it is completely avoidable. Here’s how:

  • First of all, never download software updates from unknown or unreliable sources. Instead, make sure you only update Safari directly in your Mac’s system settings. For Chrome, rely only on the Chrome app or Google’s official website.
  • If an app asks you to bypass macOS Gatekeeper protections, be very careful and just skip that app.
  • If you are using a new website, check when it was created and don’t trust random pop-ups, ads, or download triggers.
See also  Adobe Spark Post MOD APK 6.11.0 (Premium Unlocked)

Related Posts