ClickLock: macOS malware coerces password entry to steal data and plant a backdoor

1 min read
Source: BleepingComputer
ClickLock: macOS malware coerces password entry to steal data and plant a backdoor
Photo: BleepingComputer
TL;DR Summary

A new macOS information-stealing malware named ClickLock uses social engineering and a fake Cloudflare verification to force users into typing their system login password, exfiltrates credentials, browser data and wallet information, and installs a persistent backdoor via two LaunchAgent components; it suppresses notifications, runs password-dialog loops for hours or days, and uploads stolen data through Telegram while maintaining persistence for weeks, with infections in 33 countries and at least 100 observed since May. Defenders are advised to avoid pasting unknown Terminal commands and to boot into Safe Mode if prompted for a password.

Share this article

Reading Insights

Total Reads

1

Unique Readers

6

Time Saved

6 min

vs 6 min read

Condensed

92%

1,19493 words

Want the full story? Read the original article

Read on BleepingComputer