It might come as a surprise to some Mac fans, but cybercriminals are still actively finding ways to attack macOS.

New FrigidStealer Malware Spreads Through Fake Browser Update

A new malware strain, FrigidStealer, was recently found byProofpointand highlighted byAppleInsider.

The malware is made to steal information from your Mac. Using compromised sites that appear legitimate, the criminals redirect you to a fake browser update page. As you can see in the image, the pages look very legitimate at first glance.

The FrigidStealer fake popup for Safari update,

If you click the Update button, a DMG file will download to your Mac. The installation instructions also look very official—when followed, the instructions bypass Gatekeeper. That’s a Mac security feature that warns you that an application is unsigned and untrusted.

The final step of “installation” requires you to enter the Mac’s password. Proofpoint explains what happened after execution:

Upon execution, FrigidStealer uses Apple script files and osascript to prompt the user to enter their password, and then to gather data including browser cookies, files with extensions relevant to password material or cryptocurrency from the victim’s Desktop and Documents folders, and any Apple Notes the user has created.

All of that data was then sent to another compromised site.

Yes, Mac Users Still Need to Stay on Top of Security

One of the biggest draws of Apple products, including the Mac, is the focus on security. But as this social engineering scheme shows, bad actors can sometimes create a credible scenario that might fool someone.

There are many ways you can protect yourself from something like this very scary malware. First, be vigilant about what files you download from online sources. While Gatekeeper is a great Mac feature, it can sometimes be bypassed, like with FrigidStealer. If you’re concerned, there are somequick sites that will tell you if a link is safebefore downloading.

Another way to protect yourself at all times is with antivirus software. Instead of having to shell out cash, you can find somegreat free antivirus options for your Mac.