- How the New AMOS Malware Works
- Objectives and Tactics of Cybercriminals
- Precautionary Measures and Protection Strategies
The AMOS malware is back, this time disguising itself as the popular screen recording app Loom. Using Google Ads, cybercriminals lure unsuspecting victims to a fake website posing as legitimate.
How the New AMOS Malware Works
Researchers at Moonlock Lab report that the latest version of AMOS also clones legitimate crypto wallet apps like Ledger Live. The malware replaces these trusted apps with malicious clones, enabling attackers to access users' crypto wallets, browser data, and passwords.
Objectives and Tactics of Cybercriminals
The group, possibly known as 'Crazy Evil,' uses Google Ads to draw in victims, making them believe they are downloading the real Loom app from a site that looks identical to the official one. Infection occurs with a click on a fake download button, giving the malware full access to the device.
Precautionary Measures and Protection Strategies
Users are advised to be cautious of suspicious ads and dubious downloads. Keeping antivirus software up to date and exercising caution when downloading new apps can help prevent infection.
It is strongly advised to be vigilant when downloading applications and not to trust unverified sources. AMOS malware poses a significant threat to Mac users, so everyone should be on guard.
Comments