Fake application and server updates are causing havoc among Internet users. Cybersecurity researchers have unveiled malicious campaigns that release the AMOS (Atomic Stealer) malware by downloading fraudulent Chrome and Safari updates.

One of the most efficient ways for hackers to trap victims is through false advertising. They use it to gain the customer’s trust, make them download a fake update, and take over their data.

Atomic Stealer, also known as AMOS, is a malware that has returned to digital scenarios through these malicious Chrome and Safari updates for MacOS computers.

In September, cybersecurity experts noticed its reappearance, camouflaged in malicious advertising. But before, in April, it was used in an attack focused on cryptocurrencies.

Social engineering campaigns allow attackers to achieve their objectives. This is the case of Clearfacke, according to reports from Malwarebytes, “which takes advantage of compromised websites to distribute false Safari and Chrome updates for MacOS.”

When the user downloads the update, they receive a request to open the files through which the commands are activated to “steal data and send it to a server controlled by the malicious actor.”

M.Pino

Source: teleradioamerica

(Reference image source: Unsplash+, in collaboration with Getty Images)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Fake Chrome and Safari updates download AMOS malware apareció primero en Bitfinance.

Apple’s iOS mobile operating system has begun redirecting web traffic from Google’s Safe Browsing security tool, which detects fraudulent web pages, to the company’s own proxy servers to reduce the risk of leaks and improve privacy.

These changes have been made effective in the beta version of iOS 14.5 and have been confirmed on Twitter by Maciej Stachowiak, responsible for Apple’s WebKit, after their publication on the 8-Bit portal.

So far, tools such as the pre-installed iOS browser, Safari, make traffic go through the servers of Safe Browsing, a Google tool that prevents access to malicious web pages, both cases of malware and phishing, as Google explains on their website.

However, starting with the beta version 14.5 1 (V.2) of iOS, Safari changes its strategy and begins to redirect traffic to Apple servers through proxy, so that web traffic stops passing through the servers of Google. In this way, although the Google tool is still used, data protection is improved and “the risk of a potential data leak is limited“, as Stachowiak has assured.

Though, Apple explains on its website that the use of Google Safe Browsing can be disabled through the Safari settings, in the Fraudulent page alerts section, and that the address of the web pages is never shared with this tool, but the user’s IP address.

Source: dpa

La entrada iOS 14.5 redirects Google Safe Browsing traffic to Apple servers apareció primero en Bitfinance.