Verified X Sponsored Ad Spreads Mac Malware While ConsentFix Hijacks Microsoft 365 Accounts
ID: c5f7fb73-cd98-51ea-bced-1353d93c23e8
STIX ID: report--c5f7fb73-cd98-51ea-bced-1353d93c23e8
Feed Name: GBHackers
Researchers observed a macOS ClickFix campaign that abused a verified X sponsored ad to direct victims to a lookalike site where users were social-engineered to paste Terminal commands that silently installed an Atomic Stealer–family infostealer, while a separate technique called ConsentFix manipulates browser/OAuth flows to capture Microsoft 365 session tokens (bypassing passwords and MFA); both campaigns leverage social engineering and trusted platform signals, and defenders are advised to harden endpoint controls, OAuth/token policies, ad-verification, and user training.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
