Thursday, November 21, 2024
News

Moonlock Labs says it’s uncovered macOS malware spread through Google sponsored URLs

Moonlock Labs says it’s uncovered macOS malware spread through Google sponsored URLs.

Moonlock Lab reports that it’s uncovered macOS malware being spread through Google sponsored URLs, posing as popular apps like Loom, Figma, Calendly, TunnelBlick (VPN), etc. 

These ads look legitimate but redirect users to fake sites that are near-perfect replicas of the official ones, prompting users to download malicious files. Moonlock Labs says the attackers, possibly the Crazy Evil group, use multiple redirects to evade detection by automated systems. 

Additionally, Moonlock Labs discovered the recruitment of cybercriminals via darknet advertisements and identified an IP address linked to a governmental entity, likely leveraged for malicious purposes.

Moonlock Labs says that you should always pay close attention to URLs when downloading files, even if they come from Google Ads or top search results. Additionally, it’s a good practice to scan your devices with anti-malware tools like CleanMyMac X with the Moonlock Engine to ensure that no malicious software is present.

I hope you’ll help support Apple World Today by becoming a patron. All our income is from Patreon support and sponsored posts. Patreon pricing ranges from $2 to $10 a month. Thanks in advance for your support.

Dennis Sellers
the authorDennis Sellers
Dennis Sellers is the editor/publisher of Apple World Today. He’s been an “Apple journalist” since 1995 (starting with the first big Apple news site, MacCentral). He loves to read, run, play sports, and watch movies.