Fake Google Chrome, Safari Updates Infecting Mac Computers With AMOS Malware

Malware creators are using hijacked Wordpress websites to convince users to download fake Google Chrome and Safari updates that are infected with AMOS malware.

Advertisement
Written by David Delima | Updated: 22 November 2023 18:31 IST
Highlights
  • AMOS malware is targeting macOS users using social engineering
  • The malware is installed under the guise of a browser update
  • Hijacked sites trick users into downloading fake Safari, Chrome updates

Chrome and Safari users must keep an eye on websites prompting to install browser updates

Photo Credit: Unsplash/ @firmbee

Fake Google Chrome and Safari updates for macOS are being used to infect Mac computers with the nefarious Atomic Stealer malware, also known as AMOS. Distributed to Mac owners as part of a social engineering campaign, AMOS can steal passwords, private files stored on a Mac. Users will need to stay alert and possibly use web protection tools in order to protect themselves from malware distributed by social engineering, as malware creators appear to be turning their attention to Mac owners.

Security firm Malwarebytes shared details of the latest version of Atomic Stealer, malware that is distributed to macOS users via ClearFake, a campaign that uses hijacked WordPress websites to deliver fake browser updates for Chrome and Safari. The distribution of AMOS via ClearFake to macOS users was recently spotted by Ankit Anubhav, a security researcher.

The fake Google Chrome update page shown to users
Photo Credit: Malwarebytes

Advertisement

 

The malware is distributed via hijacked sites that closely resemble the Google Chrome download page, and a fake Safari update page that uses outdated icons from older macOS versions. However, the rest of the webpage design might convince some users to click and download the malware, while the fake Chrome download looks more convincing.

Advertisement

When the user clicks the download button, the malicious .dmg file is then downloaded to the Mac computer, disguised as a browser installer. Once it downloaded and opened, the user is prompted to enter the administrator password that will run nefarious commands on the device, including stealing passwords from Apple's Keychain and exfiltrate document, images, wallets and other data from the user's desktop and documents folders on macOS.

Advertisement

In order to stay protected from the malware, users will have to make sure they use some form of web protection — such as the Safe Browsing setting inside Google Chrome. Doing so might block some of these malicious sites from loading altogether.

Meanwhile, users should avoid downloading installers for Chrome from unknown websites. These social engineering websites are aimed at fooling users who might find it difficult to discern which websites are genuine. A good rule of thumb is to check whether the address bar shows google.com. On the other hand, Apple does not distribute Safari updates outside of operating system updates, so there are no official downloads that can be installed by users.

Advertisement

Is the Samsung Galaxy Z Flip 5 the best foldable phone you can buy in India right now? We discuss the company's new clamshell-style foldable handset on the latest episode of Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Atomic Stealer, Google Chrome, Safari, Chrome, AMOS malware, AMOS, Browsers, Malware, Google
Redmi K70E With MediaTek Dimensity 8300 Ultra SoC Officially Teased; Key Specifications, Design Surface Online
Advertisement
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Oppo Find X9 Series Confirmed to Be Available in India via Flipkart
  2. Moto G67 Power 5G India Launch Date, Key Features Announced
  3. TRAI, DoT Approve Presentation of Caller Names During Incoming Calls
  4. Nothing Phone 3a Lite Launch Today: Everything You Need to Know
  5. WhatsApp Might Soon Let You Set a Profile Cover Photo, Just Like Facebook
  6. Amazon Fire TV Stick 4K Select Launched in India With Vega OS
  7. iQOO 15 Colourways, Key Features Teased Ahead of Launch in India
  8. Samsung Will Let You Unlock Your Mahindra e-SUV With Your Phone
  9. The Family Man Season 3 OTT Release: Know When and Where to Watch it Online
  10. Visa to Add Support for Four Stablecoins and Blockchains as Usage Surges
#Latest Stories
  1. Amazon Fire TV Stick 4K Select Launched in India With Vega OS: Price, Features
  2. AI Chatbots Will Be Banned for Teenagers With Mandatory Age Verification, Says Proposed US Law
  3. Visa to Add Support for Four Stablecoins Across Four Blockchains as Usage Surges
  4. Samsung Wallet Announces Support for Unlocking Mahindra e-SUV Using Smartphones
  5. Apple Shares Massive Dataset to Help Researchers Build Nano Banana-Like AI Models
  6. Microsoft CEO Satya Nadella Suggests Next-Gen Xbox Will Be Windows PC and Console Hybrid
  7. iQOO 15 Colourways, Key Specifications Teased Days Ahead of Launch in India
  8. Oppo Find X9, Find X9 Pro Confirmed to Be Available in India via Flipkart
  9. OpenAI Plans to Launch Automated 'AI Researcher' For Autonomous Scientific Discoveries by 2028
  10. Moto G67 Power to Come With 7,000mAh Battery, 50-Megapixel Sony Camera; India Launch Date Announced
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.