Der "Atomic macOS Stealer“, called AMOS for short, is one Malware, which is designed for the Apple Mac and its operating system macOS. The malware is intended, among other things, to steal iCloud keychain passwords as well as browser data, files and cryptocurrencies. Now there are reports of a new scam that is intended to bring the Atomic macOS Stealer to Apple computers: Infected websites display an update notice that says that the site can only be accessed with the latest version of the browser (Safari, Chrome , etc.). The download button offered then leads to AMOS infection. Here you can find out how to get yours Browser updated manually and securely.
Chapter in this post:
- 1 ClearFake campaign targets macOS and Windows computers
- 2 What happens if you download the alleged “update”?
- 3 What to do if the web browser displays an update notice?
- 4 How do I find an official Safari update?
- 5 How do I find an official Chrome update?
- 6 How do I find an official Firefox update?
- 7 How do I find an official Opera GX update?
- 8 How do I find an official DuckDuckGo update?
- 9 Similar posts
ClearFake campaign targets macOS and Windows computers
The “ClearFake” campaign to spread malware across the web may be familiar to some people from Windows malware. With the new scam to smuggle the AMOS software onto Macs, it is now spreading to macOS. Malwarebytes, among others, reports on this in one Blog. Due to its technical effort, the ClearFake campaign is described as “the most widespread and dangerous social engineering method“ of the malware industry. In order to display the correct fake website, the location, browser and operating system are requested. Malwarebytes provides the following examples of fake update notices for Safari and Chrome.
The fakeness of the alleged Safari update can already be recognized by the outdated symbols for iCloud and the browser itself:
The fake for the alleged Chrome update is a little better done and not so easy to recognize:
What happens if you download the alleged “update”?
According to Malwarebytes, the respective buttons download a dmg file, which is then opened and its contents installed. So if the alarm bells haven't gone off yet, they should ring now at the latest. In most cases, you don't have to reinstall the program to install a browser update (Chrome is an exception, see below). A dmg file, such as when installing a completely new program for the first time, is often not necessary. The AMOS installer also asks for the password - once entered, it of course ensures that you give the malware a free hand with admin rights.
What to do if the web browser displays an update notice?
If you suddenly see an update notice while surfing the web, you should ignore it for now and see what page you actually accessed. It doesn't always have to be a dubious gambling or adult site. Maybe you came to the site through an infected Google ad (another AMOS scam) or entered a URL incorrectly. If you get a notice like this, it's better to check the browser settings to see whether an update is available instead of loading the alleged update using the button on the fake website.
How do I find an official Safari update?
The latest version of Safari is basically already included in macOS. If the operating system is up to date, then Safari will also have the latest version. However, if there is an out-of-order update, you can find it here: Apple logo () -> System Settings -> General -> software update. You can also find it in the App Store in the left sidebar Updates see if there is a Safari update there. If it doesn't appear in both locations, then you don't need an update.
How do I find an official Chrome update?
The Chrome browser shows itself under macOS when it needs to be updated. The three-dot menu (on the far right of the address bar) is then highlighted in red and “Update” is written next to it. If you click on it, you can access the first item in the menu that is called up Google Chrome is outdated ring. There are now two options here: either an update is loaded and installed when you click on it or you go to the official Chrome download page (https://www.google.com/chrome/). The download offered there can be used without any concerns.
How do I find an official Firefox update?
If you use the Firefox browser on the Apple Mac, you can install a possible update via the menu Firefox -> About Firefox check. The download and installation of the update is also carried out in the information window that opens. You then have to restart the browser. If you then look again in the info window, it should show that Firefox is in the latest version.
How do I find an official Opera GX update?
In Opera GX you click into the menu Opera GX -> Update and restore. An automatic check for possible updates should also run there. Once the update has been downloaded and installed, this browser must also be restarted. The menu then says “Opera is up to date”.
How do I find an official DuckDuckGo update?
If you use the DuckDuckGo browser on the Apple Mac, click on in the menu bar DuckDuckGo -> Check for Updates. If a new version is available, you will be offered its description and the “Install Update” button underneath. Use this to update the browser. You then confirm the whole thing with the “Install and Relaunch” button in a smaller window.
After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.