New malware exploits fake updates to steal data

Windows has always been a favorite target of hackers, but they now seem to be actively aiming for Macs as well. We have seen an alarming rise in malware that affects Mac computers, stealing personal data and cryptocurrency.
Threat actors are now using AI together with elaborate social engineering tricks to target Apple users, and the company does not seem to be doing much about it. In the meantime, a cybersecurity report has identified a new Mac malware called FrigidStealer, which spreads through fake browser updates and compromised websites.
What you need to know
A new strain of malware called FrigidStealer targets macOS users as part of a wider campaign involving fake update scams, cybersecurity firm Proofpoint reported. FrigidStealer spreads through compromised websites that display deceptive browser update prompts. When users click on these prompts, they unknowingly download a malicious DMG file. Once run, the malware asks for the user's system password to obtain elevated privileges before stealing sensitive data, including browser cookies, password-related files, cryptocurrency information and Apple Notes.
Proofpoint has identified two new threat actors behind the operation: TA2726, which functions as a traffic distribution service provider, and TA2727, which delivers FrigidStealer to Mac users. The campaign also deployed malware on Windows and Android devices, signaling a multi-platform attack strategy. The cybersecurity company assessed with high confidence that TA2726 distributes traffic for other malware campaigns. Some activity previously attributed to TA569 has now been placed under TA2726 and TA2727.
TA569 – also known as Mustard Tempest, Gold Prelude and Purple Vallhund – is associated with the EvilCorp cybercriminal group and was first identified in 2022.
Proofpoint also assessed with moderate confidence that TA2727 buys traffic through online forums to spread malware, which could be its own or that of potential clients.
“These are traffic sellers and malware distributors and have been observed in several web-based attack chains such as compromised website campaigns,” the report said, “including those using fake update themes.”
Fake Mac update delivering FrigidStealer via Safari, left, and Chrome, right (Proofpoint) (Kurt “Cyberguy” Knutsson)
Infostealers are on the rise
Threat intelligence platform KELA reported that Lumma, along with StealC, Redline and other infostealers used by hackers, infected 4.3 million machines in 2024, compromising an estimated 330 million credentials. Security researchers also observed 3.9 billion credentials circulating in lists that appear to originate from infostealer logs.
Infostealer malware is expected to remain a persistent threat in 2025. With malware-as-a-service platforms on the rise and infostealers becoming more sophisticated, cybercriminals will probably rely on them as the primary tool for stealing credentials and infiltrating systems.
4 ways to stay safe from infostealer malware
As infostealer malware continues to grow in sophistication, taking proactive steps to protect your data is more important than ever. Here are four key ways to protect yourself from threats like FrigidStealer, Lumma and other malware.
1) Watch out for fake software updates: One of the most common infection methods is through deceptive browser update prompts. Never download updates from pop-up windows or random websites. Instead, always update your software directly from official sources, such as the App Store or the application's official website. If in doubt, look at my detailed guide on how to update your devices and software.
2) Enable two-factor authentication (2FA): Even if your credentials are stolen, 2FA adds an additional layer of security by requiring a secondary verification method, such as a one-time code sent to your phone. Use 2FA for all critical accounts, including email, banking and cloud services.
3) Use a password manager: Many infostealers target passwords saved in web browsers. Instead of relying on your browser to store credentials, use a dedicated password manager. Get more details about my best reviewed password managers of 2025 here.
4) Be careful with downloads and links. Use strong antivirus software: Infostealer malware often spreads through malicious downloads, phishing emails and fake websites. Avoid downloading software or files from untrusted sources and always double-check links before clicking them. Attackers disguise malware as legitimate software, game cheats or cracked apps, so it is best to stick to official websites and app stores for downloads.
The best way to protect yourself from malicious links that install malware, potentially accessing your private data, is to install strong antivirus software on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
Kurt’s key takeaway
As the digital landscape evolves, so do the nasty threats. FrigidStealer is just the latest reminder that no platform, not even macOS, is immune to the growing sophistication of cybercriminals. With infostealers such as Lumma, StealC and Redline having already compromised millions of devices and billions of credentials in 2024, the rise in AI-driven attacks and social engineering scams signals a challenging road ahead.
Do you think companies like Apple should do more in the fight against these evolving threats? Let us know by writing us at Cyberguy.com/contact.
Copyright 2025 Cyberguy.com. All rights reserved.