Malwarebytes has released a report that exposes a “malvertising campaign” to steal passwords from Microsoft Teams for Mac users.
Many Mac users feel relatively invulnerable to attack while using an Apple computer and the data does suggest that there are far fewer security breaches on Mac operating systems.
Mac users beware, however, that hackers appear to be encouraging Mac users to download a fake version of Microsoft Teams, which is really Atomic Stealer malware designed to steal passwords from Apple keychains and web browsers.
Users came across these fake Microsoft Teams download sites due to a compromised Google ad account in Hong Kong, which allowed the hackers’ links to be placed at the top of search results for the video conferencing and collaboration software.
One of the top voices in cybersecurity, Bob Carver, Principal Cybersecurity Threat Intelligence and Analytics at Verizon, took to LinkedIn to warn others of the latest findings: “Macs under threat from info-stealing malware — don’t fall for this Microsoft Teams scam.
“New advertising campaign uses Teams to spread the Atomic Stealer malware.
“When looking for new software online, you never want to click on the first search result as you could be dealing with fake ads spreading dangerous malware.
“As we saw with the Arc browser in a recent Poseidon campaign, hackers are once again using fake ads to direct unsuspecting Mac users to malicious sites hosting malware.
This time though, they’re spreading the Atomic Stealer malware which can steal passwords from web browsers and even Apple Keychain as well as cryptocurrency through fake Microsoft Teams downloads.”
Hackers Deploy ‘Atomic Stealer’
According to the cybersecurity software and anti-malware company Malwarebytes, Atomic Stealer has never been used with parallel code and delivery systems to pilfer users’ private data.
After clicking the download link, the user is instructed to right-click and enter their username and password, which bypasses Apple’s unsigned installer protection system.
As soon as you have granted it access to your computer, the malware gets to work locating and copying your sensitive data to the hackers.
It is not the first time, however, that fake ads have been used to trick users into downloading malware onto Macs.
Just last month, a ‘Poseidon’ campaign deployed phoney adverts that appeared to offer users a DMG installer for the Arc browser but were, in fact, providing hackers with a portal into their personal computers.
‘Beware of Greeks Bearing Gifts’
The old saying inspired by the story of the Trojan horse, ‘Beware of Greeks bearing gifts,’ remains true even in this digital age. Links are often not what they purport to be, and we must, therefore, remain vigilant to the threats that lurk beneath the surface.
Other than keeping your wits about you when you are online, there are a number of software programs available, like Malwarebytes, that can help you remove malware and viruses from your computer.