A new scam makes MacOS devices vulnerable by gaining illegal access to the keychain. As Safari and the Passwords app use the same Keychain as all Chromium-based browsers, this scam could potentially steal more than your passwords.
According to a Forbes report, this scam has been active for at least four months. The bad actors are using AI to create websites of fake companies and distribute malware disguised as video conference apps.
A report published by Cado Security Labs suggests that while these websites have a download page for Windows, Linux, and macOS versions, all links lead to the macOS installer. When that file is opened, it displays a server error and asks the user to reinstall the app or use a VPN. When users hit “continue,” a macOS password prompt shows up.
When a user gives it access without a second thought, the malware accesses your keychain and compromises your password database and Chromium-based browser. The stolen browser data can also include your session cookies. Hackers can use this to bypass two-factor authentication to gain access to your social media, emails, and even your bank account. The report from Cado also highlights that scammers using AI to create fake websites is very concerning.
How can you protect yourself from this malware?
Use both an antivirus and a privacy-focused ad blocker that comes with malicious website filters. That way, you can be safe from accessing such download pages, even by mistake. While the Apple App Store has many cool macOS-specific apps, you will need to sideload apps from time to time. Apps like Spotify, Steam, and Epic Games are not on the app store. But always make sure to verify the sources before you download these apps. A third-party password blocker like Bitwarden, Lastpass, and 1Password could also help.
Cado’s threat analysis also revealed that the victims of this malware had been targeted by appearing on Telegram as known contacts talking about business opportunities. Others reported possibly being approached by crypto scammers.
We cannot stress enough how important it is always to ensure you download the right apps from the right places. With the use of AI, it’s becoming much easier for scammers to reach and manipulate users.