¿ªÔÆÌåÓý

ctrl + shift + ? for shortcuts
© 2025 Groups.io
  1. Macsupportcentral
  2. Topics

New alert from Cybersecurity Insider

 

¿ªÔÆÌåÓý

Over 2,800 Hacked Sites Target macOS Users with AMOS Malware

A new campaign, called MacReaper, is targeting Apple users?. The trick??Fake Google CAPTCHA prompts?that urge users to open Terminal and paste a ¡°verification¡± command that installs the AMOS stealer malware.

This malware can swipe Keychain passwords, browser logins, crypto wallets, and files from the Desktop and Documents folders. Even more dangerous: the attack infrastructure hides malicious instructions inside blockchain transactions using EtherHiding.

Remember:?Don¡¯t trust CAPTCHAs that ask for Terminal input.?And if you¡¯re managing a macOS fleet, start monitoring clipboard activity and Terminal executions.


Paul

++++++++++++++++++++++++
Helping Los Angeles area computer
users since 1988?
 

On May 8, 2025, at 2:05 PM, Paul via groups.io <paul@...> wrote:

The trick? Fake Google CAPTCHA prompts that urge users to open Terminal and paste a ¡°verification¡± command that installs the AMOS stealer malware.

How stupid does a user have to be to do such a thing?

This almost sounds like a late April Fool¡¯s joke.



__________________________________________________

Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

Essential But Hard To Find Macintosh Software and Advice

__________________________________________________
 

¿ªÔÆÌåÓý

Wow, this hack almost seems like it is working against itself.?

First it targets the gullible with a fake. But aren¡¯t the gullible more often than not those that are les tech savvy? The ones less inclined to use Terminal? Wow, that incentive hMust be very enticing to get over the fear of Terminal?

What was the source if this information, and has another source confirmed a it is loose in the wild?

Brent

On my iPhone Xr

On May 8, 2025, at 14:05, Paul via groups.io <paul@...> wrote:

?

Over 2,800 Hacked Sites Target macOS Users with AMOS Malware

A new campaign, called MacReaper, is targeting Apple users?. The trick??Fake Google CAPTCHA prompts?that urge users to open Terminal and paste a ¡°verification¡± command that installs the AMOS stealer malware.

This malware can swipe Keychain passwords, browser logins, crypto wallets, and files from the Desktop and Documents folders. Even more dangerous: the attack infrastructure hides malicious instructions inside blockchain transactions using EtherHiding.

Remember:?Don¡¯t trust CAPTCHAs that ask for Terminal input.?And if you¡¯re managing a macOS fleet, start monitoring clipboard activity and Terminal executions.


Paul

++++++++++++++++++++++++
Helping Los Angeles area computer
users since 1988?

1 - 3 of 3