Gbhackers
Malware Spreads via Verified Ads on X Targeting Mac Users
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A ClickFix-style malware campaign was detected spreading through a sponsored ad on X, originating from a verified account. The ad masqueraded as the legitimate Mac app DynamicLake, leading users to a malicious domain, dynamicmacisland[.]com. Victims were instructed to execute Terminal commands to install malware, identified as a variant of Atomic Stealer, tracked as MacSync. The incident highlights vulnerabilities in X's ad approval process, allowing malware to bypass automated scans. The developer of DynamicLake expressed concern over the misuse of their brand and urged users to download only from their official site. Jamf Threat Labs and Malwarebytes are investigating the incident, marking it as a significant security breach for Mac users. This is the first known case of malware spread through ads on X, raising alarms about the platform's ad vetting procedures.
Key Points: • Malware spread via a verified ad on X, posing as a legitimate Mac app. • Victims were misled into executing Terminal commands to install malware. • The incident exposes flaws in X's ad approval process and impacts Mac users.