LastPass warns of a campaign targeting macOS users with malicious apps impersonating popular software, delivered through fraudulent GitHub repositories. The campaign uses SEO tactics to promote fake apps that install the Atomic (AMOS) info-stealing malware, now with added backdoor capabilities. #LastPass #AtomicMalware #ClickFix #GitHubThreats
Keypoints
- Malicious campaigns target macOS users with fake software impersonations via GitHub.
- The counterfeit apps deliver the AMOS info-stealing malware through ClickFix attacks.
- The malware operators added a backdoor for persistent access to infected systems.
- Attackers use SEO tactics to promote fake repositories high in search results.
- Users are advised to download software only from official sources and avoid unknown commands.