SecuriTricks - Attack Report

Description

A malvertising campaign lures Mac users into downloading a counterfeit Microsoft Teams installer containing Atomic Stealer, a data-stealing malware. The campaign uses advanced filtering techniques, compromised ad accounts, and decoy pages to deliver unique payloads that bypass security measures. Upon installation, the malware steals passwords, files, and exfiltrates data. Mitigations include using browser protection tools and cautious downloading practices.

External References

https://www.malwarebytes.com/blog/threat-intelligence/2024/07/fake-microsoft-teams-for-mac-delivers-atomic-stealer

https://otx.alienvault.com/pulse/6691740dd79cf65db6b0a5d4

Date

Created: July 12, 2024, 6:21 p.m.
Published: July 12, 2024, 6:21 p.m.
Modified: July 12, 2024, 6:51 p.m.

Indicators

7120703c25575607c396391964814c0bd10811db47957750e11b97b9f3c36b5d

147.45.43.136

http://locallyhyped.com/kurkum/script_66902619887998.92077775.php

voipfaqs.com
locallyhyped.com
teamsbusiness.org

Download all indicators here!

Fake Microsoft Teams for Mac delivers Atomic Stealer

Description

External References

Tags

Date

Indicators

Attack Patterns

Fake Microsoft Teams for Mac delivers Atomic Stealer

Description

External References

Tags

Date

Indicators

Attack Patterns

Share