In an lively, large-scale marketing campaign, attackers are posing as reputable manufacturers on GitHub Pages to focus on macOS customers with the data-skimming “Atomic” stealer.
In line with current findings from LastPass, which itself was focused within the marketing campaign, attackers are utilizing web optimization methods to push malicious pages to the highest of Bing and Google search outcomes, luring customers into pondering they’re putting in real software program.
“This marketing campaign seems to be focusing on a spread of firms, together with tech firms, monetary establishments, password managers, and extra,” LastPass mentioned in a weblog submit, including an inventory of focused firms. “Within the case of LastPass, the fraudulent repositories redirected potential victims to a repository that downloads the Atomic infostealer malware.”
