logo

Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts

ID: 2a89d5dd-161a-5d26-9d68-5334d9d24988

STIX ID: report--2a89d5dd-161a-5d26-9d68-5334d9d24988

Feed Name: Security Boulevard

Threat Score
75/100

Date Published: 2026-07-03

Date Updated: 2026-07-03

Author: Malwarebytes

...
...

The report describes two active threats: a Mac-targeting ClickFix-style campaign delivered via a verified sponsored X ad that redirected victims to a lookalike domain (dynamicmacisland.com) and tricked them into pasting Terminal commands to install Atomic Stealer variants, and a Windows-targeting ConsentFix method that lures Microsoft 365 users into dragging a callback link to the browser, thereby handing attackers session tokens and enabling account takeover without passwords or MFA. The write-up details attack mechanics, used infrastructure, and basic mitigations.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.