New Malware Threat: FrigidStealer Exploits Fake Updates to Compromise Data

The Rising Threat of Malware on macOS

Windows has long been a primary target for cybercriminals, but recent developments indicate that Mac computers are now equally vulnerable. There has been a significant uptick in malware specifically designed to infiltrate macOS systems, compromising personal data and cryptocurrencies.

FrigidStealer: A New Player in Cybercrime

A cybersecurity report highlights a concerning new malware strain known as FrigidStealer, which utilizes fake browser update prompts to deceive users into downloading malicious software. This malware spreads through compromised websites and operates through a deceptive mechanism that tricks users into believing they are updating their browsers.

Upon clicking these fraudulent prompts, users inadvertently download a malicious DMG file. Once this file is executed, FrigidStealer requests the user’s system password to gain elevated privileges, ultimately stealing sensitive information such as browser cookies, password files, cryptocurrency data, and Apple Notes.
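The chain described above gives a defender one reliably observable point: the disk image arriving through the web proxy from a site that is not the browser vendor. The following is an added example written for this page, not code from the article or from the researchers it cites. It runs a simple heuristic over a few constructed proxy log lines and flags `.dmg` downloads from non-vendor hosts, rating those whose filename is browser-update themed as high severity. The log format, the `VENDOR_DOMAINS` allow-list and the `.invalid` hostnames in the sample are assumptions made for the example.

```python
"""Heuristic detection of fake-browser-update DMG downloads in proxy logs.

Added example for this page; not the article's or Proofpoint's code.
Log format, allow-list and sample hosts are assumptions for illustration.
"""
import re
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import urlparse

# Assumed allow-list of hosts that legitimately serve macOS browser installers.
# Extend for your environment; it is deliberately short here.
VENDOR_DOMAINS = {
    "dl.google.com",
    "download.mozilla.org",
    "apps.apple.com",
    "updates.apple.com",
}

# Words that fake-update lures commonly put in the installer name.
LURE_PATTERN = re.compile(r"(chrome|safari|firefox|edge|browser|update)", re.IGNORECASE)

# Constructed log format: "<timestamp> <client_ip> <method> <url> <status> <content-type>"
LOG_LINE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3}) (\S+)$")


@dataclass
class Finding:
    client_ip: str
    url: str
    severity: str   # "high" = lure-named DMG, "low" = any other non-vendor DMG
    reason: str


def is_vendor_host(host: str) -> bool:
    """True if host is an allow-listed vendor domain or a subdomain of one."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in VENDOR_DOMAINS)


def analyse_line(line: str) -> Optional[Finding]:
    """Return a Finding for a suspicious completed DMG download, else None."""
    m = LOG_LINE.match(line.strip())
    if not m:
        return None                       # unparseable line: ignore
    _ts, client_ip, _method, url, status, _ctype = m.groups()
    if status != "200":
        return None                       # only completed downloads matter
    parsed = urlparse(url)
    path = parsed.path.lower()
    if not path.endswith(".dmg"):
        return None
    if is_vendor_host(parsed.hostname or ""):
        return None                       # installer came from the vendor itself
    filename = path.rsplit("/", 1)[-1]
    if LURE_PATTERN.search(filename):
        return Finding(client_ip, url, "high",
                       "browser-update-themed DMG from non-vendor host")
    return Finding(client_ip, url, "low", "DMG download from non-vendor host")


def analyse_log(lines: List[str]) -> List[Finding]:
    """Run the heuristic over every line and collect the findings in order."""
    return [f for f in (analyse_line(ln) for ln in lines) if f is not None]


# Constructed sample log: hostnames under .invalid are placeholders, not real IoCs.
SAMPLE_LOG = [
    "2025-02-18T10:01:02Z 10.0.0.5 GET https://dl.google.com/chrome/mac/stable/googlechrome.dmg 200 application/octet-stream",
    "2025-02-18T10:02:11Z 10.0.0.7 GET https://cdn.compromised-site.invalid/SafariUpdate.dmg 200 application/x-apple-diskimage",
    "2025-02-18T10:03:40Z 10.0.0.7 GET https://cdn.compromised-site.invalid/update.js 200 text/javascript",
    "2025-02-18T10:04:00Z 10.0.0.9 GET https://files.example.invalid/SomeTool.dmg 200 application/octet-stream",
    "2025-02-18T10:05:00Z 10.0.0.9 GET https://files.example.invalid/ChromeUpdate.dmg 404 text/html",
]

if __name__ == "__main__":
    for finding in analyse_log(SAMPLE_LOG):
        print(f"[{finding.severity}] {finding.client_ip} {finding.url}: {finding.reason}")
```

On the constructed sample only the `SafariUpdate.dmg` download (high) and the generic `SomeTool.dmg` download (low) are reported; the vendor-hosted Chrome installer, the script file and the failed download are ignored. In a real deployment the low-severity path will be noisy, so treat it as an enrichment signal to correlate with a subsequent password prompt or keychain access on the same host rather than as an alert on its own.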

Behind the Attack: New Threat Actors Identified

Cybersecurity firm Proofpoint has identified two new threat actors involved in the distribution of FrigidStealer: TA2726, which serves as a traffic distribution service, and TA2727, responsible for delivering the malware to macOS users. This operation is not limited to Mac; it also targets Windows and Android devices, indicating a multi-platform attack strategy.

The report asserts with high confidence that TA2726 is involved in distributing traffic for various other malware campaigns, with some operations previously attributed to TA569 now reclassified under TA2726 and TA2727. TA569, linked to the notorious cybercrime syndicate EvilCorp, was first identified in 2022.

The Scale of the Cyber Threat

Recent intelligence from threat analysis platform KELA reports that hackers utilizing infostealers like Lumma, StealC, and Redline infected approximately 4.3 million machines in 2024, compromising an estimated 330 million credentials. Furthermore, researchers noted the circulation of about 3.9 billion credentials from infostealer logs, indicating the extensive reach of these cybercriminals.

Experts predict that infostealer malware will continue to pose a serious threat in 2025. With the rise of malware-as-a-service platforms and increasingly sophisticated infostealers, cybercriminals will likely persist in using these tools to steal credentials and breach systems.

Take Action: Protect Your Data

As infostealer malware evolves, taking proactive measures to protect your personal and financial information is crucial. Here are four essential strategies to safeguard against threats like FrigidStealer and others:

1) Be Wary of Fake Software Updates:
Fake browser update prompts are a common infection method. Always download updates directly from official sources, such as the App Store or the software’s official website, and avoid pop-ups or random sites.

2) Enable Two-Factor Authentication (2FA):
Implementing 2FA adds an extra layer of security, requiring a secondary verification method, such as a one-time code sent to your phone. Use 2FA for all critical accounts, including email, banking, and cloud services.

3) Utilize a Password Manager:
Instead of relying on your web browser to store passwords, consider using a dedicated password manager. This can help protect your credentials from infostealers targeting saved passwords.

4) Exercise Caution with Downloads and Links:
Infostealer malware often enters systems through malicious downloads, phishing emails, and fake websites. Avoid downloading software from untrusted sources and always verify links before clicking. Strong antivirus software is essential to protect against these threats, providing alerts for phishing emails and ransomware attacks.

Staying Ahead of Cybercriminals

The emergence of FrigidStealer serves as a stark reminder that no platform, including macOS, is safe from the growing sophistication of cybercriminals. With infostealers like Lumma, StealC, and Redline already compromising millions of devices and billions of credentials, the landscape of digital security is becoming increasingly challenging.

Do you believe that companies like Apple should be doing more to address these evolving threats? Share your thoughts with us.
