Apple @ Work: Why the ClickFix campaign means it is time to kill the 90 day update deferral
A new macOS ClickFix campaign highlights the risks of deferring software updates for 90 days. This social engineering tactic tricks users into executing malicious scripts, compromising their security. Experts suggest that Apple should reduce the update deferral period to better protect users from emerging threats.
- ▪The ClickFix campaign uses fake CAPTCHA screens to trick users into running malicious scripts in Terminal.
- ▪Once executed, the malware captures the user's password and steals sensitive data from the macOS Keychain.
- ▪Apple has introduced security features in recent macOS versions to combat such attacks, but the 90-day update deferral is seen as a liability.
Opening excerpt (first ~120 words) tap to expand
// Make sure that nineto5ads exists, it will load ad once google tag exists window.nineto5ads = window.nineto5ads|| []; if (typeof adSizes === 'undefined') { var adSizes = {"leaderboard":{"mobile":[[320,50],[320,100]],"tablet":[[728,90],[320,100]],"desktop":[[970,250],[728,90],[970,70],[970,90]]},"sidebar":{"mobile":[300,250],"desktop":[[300,600],[300,250]]}}; } function getLeaderboardApstagSlotsSizes() { if ( window.innerWidth < 768 ) { return adSizes.leaderboard.mobile; } else if ( window.innerWidth < 1024 ) { return adSizes.leaderboard.tablet; } else { return adSizes.leaderboard.desktop; } } window.nineto5ads.push(function() { apstag.fetchBids({ slots: [{ slotID: "div-gpt-ad-1436850350386-0", slotName: "\/1049447\/9to5mac-Top", sizes: getLeaderboardApstagSlotsSizes() }], timeout: 2e3…
Excerpt limited to ~120 words for fair-use compliance. The full article is at 9to5Mac.
Discussion
0 commentsMore from 9to5Mac
