Happy Monday everyone!

CrowdStrike is reminding us that just because some of us use Macs doesn't mean we are malware-proof! In this case, the cybercriminal group dubbed #COOKIESPIDER was deploying their stealer known as #SHAMOS.

Using a combination of malvertising and the #ClickFix technique, the group would trick their victims into installing the Shamos stealer, which leads to it running "host reconnaissance and data collection tasks, including searching for known cryptocurrency-related wallet files and sensitive credential-based files on disk".

As always, take a read for yourself to see all the details I left out! Enjoy and Happy Hunting!

Falcon Platform Prevents COOKIE SPIDER’s SHAMOS Delivery on macOS
https://www.crowdstrike.com/en-us/blog/falcon-prevents-cookie-spider-shamos-delivery-macos/

Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

Between June and August 2025, the CrowdStrike Falcon platform successfully blocked a COOKIE SPIDER malware campaign. Learn more.