C'mon, just copy this text string and paste it into your macOS Terminal – it'll fix your computer, honest

https://image.theregister.com/5273738.jpg?imageId=5273738&x=0&y=7.02&cropw=100&croph=72.47&panox=0&panoy=7.02&panow=100&panoh=72.47&width=1200&height=683

Newly documented stealer ClickLock comes for the more trusting Mac user with spot of social engineering

Threat intel outfit Group-IB has detailed a previously undocumented macOS information stealer that doesn't bother hunting for software bugs. Instead, it persuades users to pwn themselves by pasting a command into Terminal, after which it helps itself to passwords, crypto wallets, browser data, and anything else worth stealing.

The boffins have dubbed the malware “ClickLock Stealer,” a nod to its use of the increasingly popular ClickFix social engineering technique and a coercive "locker" feature that pressures victims into handing over their Mac login password. According to the researchers, the operation has been active since around May and has already targeted at least 100 victims across 33 countries, with more than half located in Europe.

Group-IB said it discovered the malwareafter analyzing a malicious shell script uploaded to VirusTotal on June 9 that had...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

Read more