By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Pew PatriotsPew PatriotsPew Patriots
Notification Show More
Font ResizerAa
  • Home
  • News
  • Tactical
  • Guns and Gear
  • Prepping & Survival
  • Videos
Reading: New malware exploits fake updates to steal data
Share
Font ResizerAa
Pew PatriotsPew Patriots
  • News
  • Tactical
  • Guns and Gear
  • Prepping & Survival
  • Videos
Search
  • Home
  • News
  • Tactical
  • Guns and Gear
  • Prepping & Survival
  • Videos
Have an existing account? Sign In
Follow US
New malware exploits fake updates to steal data
News

New malware exploits fake updates to steal data

Jimmie Dempsey
Last updated: March 3, 2025 3:15 pm
Jimmie Dempsey Published March 3, 2025
Share
SHARE

Windows has always been a favorite target for hackers, but it seems they have now figured out how to actively target Macs as well. We’ve seen an alarming rise in malware affecting Mac computers, stealing personal data and cryptocurrency.

Threat actors are now using AI along with elaborate social engineering tricks to target Apple users, and the company doesn’t seem to be doing much about it. Meanwhile, a cybersecurity report has identified a new Mac malware called FrigidStealer, which spreads through fake browser updates and compromised websites.

Stay protected & informed! Get security alerts & expert tech tips – sign up for Kurt’s The CyberGuy Report now.

What you need to know

A new malware strain called FrigidStealer is targeting macOS users as part of a broader campaign involving fake update scams, cybersecurity firm Proofpoint reported. FrigidStealer spreads through compromised websites that display deceptive browser update prompts. When users click on these prompts, they unknowingly download a malicious DMG file. Once executed, the malware requests the user’s system password to gain elevated privileges before stealing sensitive information, including browser cookies, password-related files, cryptocurrency data and Apple Notes.

Proofpoint identified two new threat actors behind the operation: TA2726, which functions as a traffic distribution service provider, and TA2727, which delivers FrigidStealer to Mac users. The campaign also deploys malware on Windows and Android devices, signaling a multi-platform attack strategy. The cybersecurity firm assessed with high confidence that TA2726 distributes traffic for other malware campaigns as well. Some operations previously attributed to TA569 have now been reclassified under TA2726 and TA2727.

TA569 – also known as Mustard Tempest, Gold Prelude and Purple Vallhund – is linked to the cybercrime syndicate EvilCorp and was first identified in 2022.

Proofpoint also assessed with moderate confidence that TA2727 purchases traffic through online forums to spread malware, which could be its own or that of potential clients.

“These are traffic sellers and malware distributors and have been observed in multiple web-based attack chains like compromised website campaigns,” the report stated, “including those using fake update-themed lures.”

New malware exploits fake updates to steal data

BEST ANTIVIRUS FOR MAC, PC, IPHONES, ANDROIDS – CYBERGUY PICKS

Infostealers are on the rise

Threat intelligence platform KELA reported that hackers using Lumma, along with StealC, Redline and other infostealers, infected 4.3 million machines in 2024, compromising an estimated 330 million credentials. Security researchers also observed 3.9 billion credentials circulating in lists that appear to originate from infostealer logs.

Infostealer malware is expected to remain a persistent threat in 2025. With malware-as-a-service platforms on the rise and infostealers becoming more sophisticated, cybercriminals will likely continue relying on them as a primary tool for stealing credentials and infiltrating systems.

New malware exploits fake updates to steal data

FROM TIKTOK TO TROUBLE: HOW YOUR ONLINE DATA CAN BE WEAPONIZED AGAINST YOU

4 ways to stay safe from infostealer malware

As infostealer malware continues to grow in sophistication, taking proactive steps to protect your data is more important than ever. Here are four key ways to safeguard yourself from threats like FrigidStealer, Lumma and other credential-stealing malware.

1) Beware of fake software updates: One of the most common infection methods is through deceptive browser update prompts. Never download updates from pop-ups or random websites. Instead, always update your software directly from official sources, such as the App Store or the application’s official website. If in doubt, check out my detailed guide on how to keep your device and software updated.

2) Enable two-factor authentication (2FA): Even if your credentials are stolen, 2FA adds an extra layer of security by requiring a secondary verification method, such as a one-time code sent to your phone. Use 2FA for all critical accounts, including email, banking and cloud services.

3) Use a password manager: Many infostealers target saved passwords in web browsers. Instead of relying on your browser to store credentials, use a dedicated password manager. Get more details about my best expert-reviewed Password Managers of 2025 here.

4) Be cautious with downloads and links. Use a strong antivirus: Infostealer malware often spreads through malicious downloads, phishing emails and fake websites. Avoid downloading software or files from untrusted sources and always double-check links before clicking them. Attackers disguise malware as legitimate software, game cheats or cracked applications, so it is best to stick to official websites and app stores for downloads.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

HERE’S WHAT RUTHLESS HACKERS STOLE FROM 110 MILLION AT&T CUSTOMERS

Kurt’s key takeaway

As the digital landscape evolves, so do the nasty threats we face. FrigidStealer is just the latest reminder that no platform, not even macOS, is immune to the growing sophistication of cybercriminals. With infostealers like Lumma, StealC and Redline already compromising millions of devices and billions of credentials in 2024, the rise of AI-driven attacks and social engineering scams signals a challenging road ahead. 

Do you think companies like Apple should be doing more to combat these evolving threats? Let us know by writing us at Cyberguy.com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.

Read the full article here

You Might Also Like

‘Too fast’ or ‘excellent’? Americans grade first 100 days of President Trump’s second term

Agriculture secretary cancels $600K grant for study on menstrual cycles in transgender men

MS-13 gangbanger illegal aliens accused of stabbing 3 corrections officers in violent Virginia prison attack

Naomi Osaka clips themed nails, suffers devastating 1st-round loss in French Open

SNL compares Trump to Jesus in Easter sketch mocking economy and faith: ‘Donald Jesus Trump’

Share This Article
Facebook Twitter Email Print
Leave a Comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

We Recommend
TSA tells Americans their Costco cards won’t fly at airport security despite love for hot dogs
News

TSA tells Americans their Costco cards won’t fly at airport security despite love for hot dogs

Jimmie Dempsey Jimmie Dempsey June 7, 2025
Novak Djokovic hints at retirement after French Open defeat to Jannik Sinner
ICE sweeps through LA businesses as local Democrats cry foul over Trump administration’s enforcement actions
Florida ex-sheriff arrested for allegedly running illegal gambling house that generated millions
On 81st anniversary of D-Day, one US Navy veteran’s son is the first American Pope
Kristin Cavallari’s friend exposes her date with ‘Top Gun’ star Glen Powell
Hundreds of teenagers transform peaceful beach into chaos as police forced to break up fights
News

Hundreds of teenagers transform peaceful beach into chaos as police forced to break up fights

Jimmie Dempsey Jimmie Dempsey June 6, 2025
Pakistan’s Digital Crackdown: How Geofencing and ID Blacklists are Silencing Dissent
Prepping & Survival

Pakistan’s Digital Crackdown: How Geofencing and ID Blacklists are Silencing Dissent

Jimmie Dempsey Jimmie Dempsey June 6, 2025
Third Navy destroyer heads to southern waters as administration strengthens maritime border security
News

Third Navy destroyer heads to southern waters as administration strengthens maritime border security

Jimmie Dempsey Jimmie Dempsey June 6, 2025
Pew Patriots
  • News
  • Tactical
  • Prepping & Survival
  • Videos
  • Guns and Gear
2024 © Pew Patriots. All Rights Reserved.
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?