Fake Reddit and WeTransfer Sites are Pushing Malware

Summary

• Researchers have warned that there are currently thousands of fake Reddit and WeTransfer pages that are infecting users with malware.
• The sites tend to target those using search engines to find specific Reddit pages, and they redirect to a fake WeTransfer site where the download button installs malware dubbed Lumma Stealer.
• This steals information-bearing cookies from chatting and email applications, as well as system information, and sends them to a command-and-control server.
• It seems that these sites are exploiting vulnerabilities in macOS, with researchers noting that Apple invariably releases emergency patches for these bugs.
• These vulnerabilities allow malicious applications to gain root access, despite macOS’ otherwise robust security.
• As always, experts have advised users to ensure their systems are up-to-date, as well as to be sceptical of unusual links, regardless of their source.

Original Article