Summary
Key Points:
- A Cloudflare-themed ClickFix attack targets macOS users, delivering the Infiniti Stealer malware.
- The attack involves a multi-stage infection chain utilizing a fake CAPTCHA page, a Bash script, and a Nuitka loader to deploy the Python-based infostealer.
- Analysts recommend that users avoid suspicious links and keep security software updated so it can detect and block such threats.
Technical Details: The attack leverages social engineering tactics through a fake CAPTCHA page to initiate the infection process, leading to the deployment of the Infiniti Stealer, which is designed to exfiltrate sensitive information from infected systems.
MITRE ATT&CK Techniques:
- T1203 - Exploit Public-Facing Application (Initial Access)
- T1059.006 - Command and Scripting Interpreter: Bash (Execution)
IOCs Mentioned: None mentioned.