Syndication 
A security company says it blocked a widespread malware campaign that hijacked fake Mac support pages to steal passwords, browser data, and cryptocurrency.
A new Mac malware campaign got defeated
Between June and August 2025, CrowdStrike’s Falcon platform detected more than 300 attempts to deliver Shamos, a variant of Atomic Stealer. The operation was run by Cookie Spider, a group that rents out malware to other criminals on a subscription basis.
The attackers used malvertising, slipping their fake sites into paid search results. Anyone looking for routine fixes such as how to flush the DNS cache on macOS risked landing on one of the phony support pages.
Continue Reading on AppleInsider | Discuss on our Forums
Author
About The Author
