Hackers Are Spreading Mac Malware via Fake Browser Update - Don't Be Fooled

Even the best MacBooks can be infected with nasty malware if you're not careful online. That's why hackers are repurposing social engineering campaigns that were previously exclusive to Windows to infect Apple computers with Mac malware.

According to a new blog post from cybersecurity firm Malwarebytes, the popular Atomic Stealer malware is being used in a new campaign to trick unsuspecting users with fake browser updates and infect their devices with malware used

We recently saw Atomic Stealer used to infect Macs through malicious ads, but this new campaign is slightly different because it uses a compromised website to distribute fake browser updates. First discovered in August by security researcher Randy McEoin and dubbed ClearFake, the campaign has since used smart contracts to build a redirection mechanism used to direct potential victims to malicious sites. It has undergone a number of upgrades, including

Here is everything you need to know about ClearFake and what you need to watch out for if you are a Mac user worried about becoming a victim of malware.

Just a few days ago, on November 17, another security researcher named Ankit Anubhav observed that ClearFake was being distributed to Mac users in addition to the best Windows laptops.

In such attacks, unsuspecting Mac users are directed to a page posing as Apple's official download portal for Safari when they click on a malicious link distributed in a phishing email or social media post. However, since many Mac owners use Chrome instead of Safari, the hackers behind this campaign have also developed a fake portal for Google's browser.

Clicking the "Download" button on the fake Safari page or the "Update Chrome" button on the fake Chrome page downloads a DMG file to the Mac that purports to be a browser update. When you click on this file to launch it, you will see a text box requesting an administrator password. If you simply give up the password, the Atomic Stealer malware will have full access to your Mac.

From here, the malware steals browsing data, cookies, passwords, credit card numbers, and other sensitive data stored on your Mac and sends it back to the hackers behind ClearFake. In addition to committing fraud, this information can even be used to steal your identity.

Fake browser updates like the above have been the bane of Windows users for years now. However, as Macs became more popular, hackers shifted their focus from targeting computers running Windows to targeting computers running macOS.

This means that you need to be extra careful when updating your browser and other Mac apps. Safari can be updated from the Software Update menu by clicking on System Preferences from the Apple menu. If you prefer Google Chrome, the update can be done directly from Google's browser.

Neither Apple nor Google will provide updates to users in this manner. In fact, if you receive such a warning, you should avoid it altogether, as hackers are most likely behind it.

For additional protection and complete avoidance of phishing sites, you should also consider using the best Mac antivirus software solution. XProtect antivirus software is built into the Mac, but paid antivirus software is updated more regularly and often comes with useful features such as VPN and password managers.

In a statement to Tom's Guide, Jérôme Segura, Senior Director of Threat Intelligence at Malwarebytes, provides additional insight into how to protect yourself against Atomic Stealer and other online threats targeting Macs. He offers the following: Atomic Stealer is a piece of malware that targets Macs and is increasingly being distributed via particularly malicious ad campaigns and now compromised sites. The lure is classic social engineering, redirecting victims to a decoy page posing as a browser update. The malware steals passwords, crypto wallets, and sensitive files immediately after installation. The best defense against this threat is to block the malicious redirects occurring on the hacked site and prevent fake updates from being downloaded.

Malware targeting Macs will continue to grow, so it may be best to abandon once and for all the idea that Macs are safer than Windows.