Macworld Security researcher Group-IB has discovered new Mac malware that it has dubbed ClickLock Stealer. As part of the installation of ClickLock Stealer, the installer will essentially lock your Mac until a login password is entered in a persistent window. Once a password is entered, the malware is installed and covertly captures data: browser credentials, crypto wallet extensions, desktop wallet files, password manager data, and more. Users are targeted by threat agents using a fake Cloudflare CAPTCHA that persuades users to copy and paste a command in the Terminal of macOS. Once the installation is triggered, malware components are installed on the Mac while a fake Cloudflare progress window is displayed. However, if a user trying to cancel the installation in progress, the malware then kills “every visible application every 210 milliseconds, leaving only a password dialog on screen until the user is forced to comply,” according to Group-IB. The report also sta
UPVOTERS
Community appreciation
See who found this content valuable and showed their support.
No upvotes yet.
Be the first to show your appreciation for this content.
TOPICS
Explore the same topics
Discover more content from the topics this post is mapped to.
Keep browsing
Explore more from this topic
Dive into the full feed of curated posts covering this category.
Discussion
Be the first to comment
Add your perspective to get the discussion started.