What is ClearFake, a threat to laptop users?


After deepfakes, researchers are alerting Mac and Windows users to ClearFake and warning against fake Safari and Chrome updates on laptops. Learn about ClearFake and how to stay safe from it.

Researchers identified Atomic macOS Stealer (AMOS), a sophisticated virus that primarily targets Apple users, as a new cyber threat at the beginning of 2023. Once installed, the AMOS malware can retrieve private data from a victim’s device. This data can include credit card numbers, cryptocurrency wallet passwords, iCloud Keychain passwords, and other files. Although the malware was already dangerous, a recent revelation shows that hackers are now using a phoney browser update chain identified as “ClearFake” to infect Mac users with AMOS.

As if the deepfake threat wasn’t enough, we now have to deal with a new and potentially even more serious security issue that impacts a broader spectrum of individuals.

What is ClearFake? How is it different from deepfake?
ClearFake is a kind of deepfake which is created by using machine learning to manipulate images or videos in a way that makes them appear real. It can be done by using several techniques such as image splicing, facial recognition and voice synthesis.

How is ClearFake a threat to users?
It can be used to spread misinformation, create fake news stories and impersonate people. Malwarebytes, a provider of cyber threat alert systems, claims that hackers are infecting Mac users with AMOS via the ClearFake technique.

First noticed in Windows attacks, ClearFake propagates fake Safari and Chrome browser updates via hacked websites. Threat actors are reaching a wider audience by making use of this expanding network of hijacked websites. They are able to obtain sensitive data and login credentials from users who download the virus, which they can use for future attacks or for instant financial benefit.

How is ClearFake installed on Macs/laptops?
In this instance, AMOS, a kind of malware that steals data from its targets, is being installed via ClearFake. The attackers are injecting dangerous JavaScript code into fictitious websites. Once a person accesses such a page, they get false prompts that appear to be official Safari or Chrome browser updates. These notifications are deliberately designed to trick users into clicking, which causes the malicious AMOS software to download and install.

After clicking the link to the false update, unsuspecting victims are sent to a website where AMOS malware is covertly downloaded and installed on their computers. After installation, AMOS quietly penetrates the victim’s system to obtain private data without authorization. Its main goal is to steal private information, such as credit card numbers, bitcoin wallets, and iCloud Keychain passwords.

How to stay safe from ClearFake?
● Avoid downloading software from unknown sources.
● Update Safari and Chrome directly from the app.
● Before downloading an app, check the legitimacy of the source.
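
For administrators, the "check the legitimacy of the source" tip can be turned into a log check for the fake-update pattern described above. The following is an added example, not code from the article or from Malwarebytes: it scans web proxy log lines for installer files named after Chrome or Safari that were fetched from hosts outside a vendor allow-list. The log format, the allow-list and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed allow-list of vendor download domains; adjust for your environment.
VENDOR_DOMAINS = ("google.com", "gvt1.com", "apple.com")
INSTALLER_EXT = (".dmg", ".pkg", ".exe", ".msi", ".msix", ".appx", ".zip")
BROWSER_NAME = re.compile(r"(chrome|safari)", re.IGNORECASE)

def is_vendor_host(host):
    """True only for an allow-listed domain or a real subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in VENDOR_DOMAINS)

def suspicious_update_downloads(log_lines):
    """Return (client, url) for browser-named installers fetched from non-vendor hosts."""
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) < 3:
            continue  # skip malformed lines
        client, url = parts[1], parts[2]
        u = urlsplit(url)
        filename = u.path.rsplit("/", 1)[-1]
        if not filename.lower().endswith(INSTALLER_EXT):
            continue  # not an installer or archive download
        if not BROWSER_NAME.search(filename):
            continue  # file name does not pose as a browser
        if u.hostname and not is_vendor_host(u.hostname):
            hits.append((client, url))
    return hits

# Constructed sample lines (timestamp client url); hosts and paths are placeholders.
SAMPLE_LOG = [
    "2023-11-21T10:02:11Z 10.0.0.15 https://dl.google.com/chrome/googlechrome.dmg",
    "2023-11-21T10:05:42Z 10.0.0.22 https://compromised-site.example/downloads/Safari_Update.dmg",
    "2023-11-21T10:07:03Z 10.0.0.31 https://cdn.example/ChromeSetup.exe",
    "2023-11-21T10:09:55Z 10.0.0.31 https://google.com.evil.example/chrome_update.msix",
    "2023-11-21T10:12:00Z 10.0.0.40 https://news.example/article.html",
]

if __name__ == "__main__":
    for client, url in suspicious_update_downloads(SAMPLE_LOG):
        print(f"{client} fetched browser-named installer from non-vendor host: {url}")
```

The suffix match on the hostname is what catches the look-alike `google.com.evil.example`, which a simple substring check for `google.com` would let through.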