‘macOS users may face real, sophisticated threats that require neither exploits nor any elevated access to succeed’: ClickLock Stealer tries to trick Apple users into revealing their passwords



  • Group‑IB uncovers ClickLock, a new macOS‑focused infostealer using aggressive social engineering by spamming password prompts and terminating key apps every 210ms until victims comply
  • Once credentials are obtained, it exfiltrates browser data, crypto wallets, password manager entries, FTP configs, and device info via Telegram Bot API
  • Active since May 2026, spotted in 33 countries (mostly Europe), distributed via ClickFix campaigns, and initially undetected by security vendors until recently

Security researchers from Group-IB have uncovered a new infostealer targeting primarily macOS users in Europe.

Dubbed ClickLock, it is more of an annoying social engineering mechanism rather than a full-blown malware variant, constantly popping up a login prompt on the victim’s device, until they finally comply and share the credentials.

https://cdn.mos.cms.futurecdn.net/VGPtSi99Vy7pCWeNLEcT5c-2560-80.jpg



Source link

Latest articles

spot_imgspot_img

Related articles

Leave a reply

Please enter your comment!
Please enter your name here

spot_imgspot_img