Mac malware posing as free versions of apps like Loom | Laptop News

A “sophisticated and alarming” Mac malware attack is being carried out in the guise of free versions of popular apps like the screen recording utility Loom, cryptocurrency manager LedgerLive, and MMO game Black Desert Online.

It appears to be a well-organized attack, with the fake Mac app offers promoted through a combination of legitimate-looking Google ads and phishing emails …

The malware campaign was discovered by Moonlock, a cybersecurity group within MacPaw, the developer behind the CleanMyMac app. The team says that initially it appeared to be limited to mimicking Loom.

“At Moonlock Lab, we’ve recently uncovered a sophisticated and alarming threat spreading through Google-sponsored URLs. The threat, a stealer malware targeting macOS, poses as the popular application Loom, a widely used screen recording tool.

Our investigation kicked off when we noticed a Google ad that appeared to promote the official Loom application. At first glance, it looked legitimate, enticing users to click on what seemed to be a trusted source. However, upon clicking the link, things took a nasty turn.”

But further investigation found that ads and promos for other apps were also being used to push the same malware.

These include:

  • Black Desert Online
  • Calendly
  • Chrome
  • Figma
  • Firefox
  • Gatherum
  • LedgerLive
  • PartyLauncher
  • Safari
  • Zoom

At least one of the phishing campaigns specifically targets YouTube creators, claiming to offer them a creator-specific download link to Black Desert Online.

The LedgerLive link is especially dangerous as, when downloaded, it replaces the real app.

“By replacing the genuine app with a harmful version, attackers can potentially access and drain victims’ cryptocurrency wallets. This can…”

read more 9to5mac.com

FTC: We use income earning affiliate links. More on Sposored links.
Terms of use and third-party services. More here.

Advertisement Amazon

Related Posts