Over 2,800 Hacked Sites Target macOS Users with AMOS Malware

A new campaign, called MacReaper, is targeting Apple users?. The trick??Fake Google CAPTCHA prompts?that urge users to open Terminal and paste a “verification” command that installs the AMOS stealer malware.

This malware can swipe Keychain passwords, browser logins, crypto wallets, and files from the Desktop and Documents folders. Even more dangerous: the attack infrastructure hides malicious instructions inside blockchain transactions using EtherHiding.

Remember:?Don’t trust CAPTCHAs that ask for Terminal input.?And if you’re managing a macOS fleet, start monitoring clipboard activity and Terminal executions.

Paul