A malvertising campaign lures Mac users into downloading a counterfeit Microsoft Teams installer containing Atomic Stealer, a data-stealing malware. The campaign uses advanced filtering techniques, compromised ad accounts, and decoy pages to deliver unique payloads that bypass security measures. Upon installation, the malware steals passwords, files, and exfiltrates data. Mitigations include using browser protection tools and cautious downloading practices. Author: AlienVault
Related Tags:
adware
T1558
T1025
T1566.001
data theft
macos
Atomic Stealer
T1555.003
T1552
Associated Indicators:
teamsbusiness.org
voipfaqs.com
http://locallyhyped.com/kurkum/script_66902619887998.92077775.php
147.45.43.136