#COOKIESPIDER

Just Another Blue Teamer (LeeArchinal@ioc.exchange)
2025-08-25

Happy Monday everyone!

CrowdStrike is reminding us that just because some of us use Macs, doesn't mean we are malware-proof! In this case, the cybercriminal group dubbed #COOKIESPIDER was deploying their stealer known as #SHAMOS.

Using a combination of malvertising and the #ClickFix technique, the group would trick their victims into installing the Shamos stealer, which leads to it running "host reconnaissance and data collection tasks, including searching for known cryptocurrency-related wallet files and sensitive credential-based files on disk".

As always, take a read for yourself to see all the details I left out! Enjoy and Happy Hunting!

Falcon Platform Prevents COOKIE SPIDER’s SHAMOS Delivery on macOS
crowdstrike.com/en-us/blog/fal

Intel 471 Cyborg Security, Now Part of Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
