How AMOS Malware is injected into Macs
The early signs of AMOS threats were reported in March and April. In September, the security researchers at Malwarebytes discovered that Mac users were tricked into installing AMOS via fake Google Search Ads. Now, Malwarebytes reports that AMOS is injected into Macs using compromised websites to deliver fake Safari and Chrome updates. This fake browser update chain is labeled as “ClearFake”, and was previously seen against Windows as well. Let’s see how to spot fake updates and avoid the AMOS threat on Macs.
Here’s a fake Safari update that mimics the official website. It’s quite easy for Apple users to spot it as there are outdated Safari and iCloud icons. However, if someone is new to the Apple ecosystem, it’s easier for them to fall for this. So, beware.
Below is a more convincing Google Chrome update template that closely resembles the authentic one.
While the AMOS malware is a threat, the good news is that it is totally avoidable. Here’s how: