CyberSecurity news

FlagThis - #mozilla

SC Staff@scmagazine.com - 10d

FakeUpdate Campaigns Push FrigidStealer Mac Infostealer

The FakeUpdate malware campaigns are becoming increasingly complex with the emergence of new cybercrime groups, TA2726 and TA2727, now involved in pushing a new macOS infostealer called FrigidStealer. This malware is being distributed through web inject campaigns, where users are tricked into downloading fake browser updates. Proofpoint researchers have identified FrigidStealer as a new threat targeting Mac users.

This campaign also uses Windows and Android payloads, suggesting a broad targeting strategy. The malicious JavaScript used to display the fake browser update messages is being adopted by an increasing number of threat actors, making tracking and analysis more challenging. Proofpoint identified two new cybercriminal threat actors, TA2726 and TA2727, operating components of web inject campaigns.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • cyberinsider.com: New macOS Malware FrigidStealer Spreads via Fake Updates
  • www.scworld.com: Novel FrigidStealer macOS malware spread via bogus browser updates
  • Virus Bulletin: Proofpoint researchers identified FrigidStealer, a new MacOS malware delivered via web inject campaigns. They also found two new threat actors, TA2726 and TA2727, operating components of web inject campaigns.
  • www.bleepingcomputer.com: FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer.
  • www.proofpoint.com: Proofpoint researchers identified FrigidStealer, a new MacOS malware delivered via web inject campaigns. They also found two new threat actors, TA2726 and TA2727, operating components of web inject campaigns.
  • bsky.app: The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer.
  • BleepingComputer: The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer.
  • Anonymous ???????? :af:: FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer.
Classification:
  • HashTags: #MacOS #Malware #FakeUpdate
  • Company: Mozilla
  • Target: MacOS Users
  • Attacker: TA2726 and TA2727
  • Product: Firefox
  • Feature: Fake Browser Updates
  • Malware: FrigidStealer
  • Type: Malware
  • Severity: HighRisk

Blogs

Research Tools