Hackers Abuse Verified X Ads to Deliver Mac Malware Through ClickFix Attack
ID: 73baf5a2-684e-5641-828b-cff2bd58a313
STIX ID: report--73baf5a2-684e-5641-828b-cff2bd58a313
Feed Name: Cyber Press
A sponsored, verified ad campaign on X directed macOS users to a lookalike site (dynamicmacisland.com) that instructed victims to paste Terminal commands, silently installing macOS malware (Atomic Stealer variants) to exfiltrate credentials and browser data. The report also describes ConsentFix, a browser/OAuth manipulation enabling rapid account takeover by extracting valid tokens via drag-and-drop interactions, and provides mitigation advice such as tightening ad/brand monitoring, endpoint protections, conditional access, and user education.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
