Fake Malwarebytes, LastPass, and Others on GitHub Serve Malware

Weaponized Malware: GitHub Hosts Malware from Malwarebytes, LastPass, Citibank, SentinelOne, and More

A large-scale campaign targeting Mac users is leveraging fake GitHub pages to distribute information-stealing malware disguised as popular legitimate applications. Among the impersonated software are Malwarebytes for Mac, LastPass, Citibank, SentinelOne, and scores of other well-known brands. Although brand impersonation is nothing new, this campaign demonstrates the evolving tactics cybercriminals employ to entice users into […] The post Weapon…

Macs go phishing as GitHub impostors drop Atomic stealer

In an active, large-scale campaign, attackers are posing as legitimate brands on GitHub Pages to target macOS users with the data-skimming “Atomic” stealer. According to recent findings from LastPass, which itself was targeted in the campaign, attackers are using SEO tricks to push malicious pages to the top of Bing and Google search results, luring users into thinking they’re installing genuine software. “This campaign appears to be targeting a…

Fake Malwarebytes, LastPass, and others on GitHub serve malware

Fake versions of legitimate software are currently circulating on GitHub pages, in a large-scale campaign targeting Mac users. Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Enroll Now and Save 10%: Coupon Code MWNEWS10 Note: Affiliate link – your enrollment helps support this platform at no extra cost to you. Unfortunately, Malwarebytes for Mac is one…