News
Poseidon malware infects Macs through fake ads on Google
Scammers exploit Google Ads with Poseidon malware posing as Arc browser, targeting Mac users’ sensitive data.
Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.
Oh, great. Just what we needed. More scumbags exploiting Google’s ad platform to infect Macs with info-stealing malware. This time, the crooks are masquerading as Arc, that hip browser everyone’s been talking about.
But don’t get it twisted – this isn’t the typical Arc browser. According to ArsTechnica, this is Poseidon, a full-service stealer that’ll snatch your passwords, cryptocurrency wallets, and who knows what else.
Here’s how it goes down, according to MalwareBytes: You’re browsing along, minding your biz, when suddenly an ad catches your eye. “Arc browser – calmer, more personal,” it promises. Sounds nice, right?
Click the ad, and you’re redirected to a fake Arc download site that looks legit as hell. But the .dmg file you download is anything but legit. It’s Poseidon, baby, and it’s got its sights set on your sensitive data.
Once you install Poseidon (don’t install Poseidon!), it gets to work stealing your stuff and shipping it off to the scammers. And these ain’t your run-of-the-mill scammers.
No, they’re running a full-blown criminal enterprise, complete with a control panel to access all the juicy data they’ve swiped.
But wait, it gets better. Google, being the ever-vigilant ad platform it is, “verified” the advertiser behind this malicious ad campaign. Because nothing says “verified” like a stealer-infested ad for a fake browser.
And don’t even get me started on the state of Mac malware development. Apparently, there’s a thriving scene dedicated to crafting stealers. Who knew?
So, what’s the takeaway here? First, don’t download software from ads. Just don’t. Go straight to the official site. Second, be wary of any installation instructions that tell you to right-click and open.
That’s just a way to bypass Apple’s security checks. And finally, keep your wits about you. If an ad seems too good (or calm or personal) to be true, it probably is.
Oh, and Google? You might want to work on that whole “not serving malware” thing. Just saying.
What are your thoughts on this latest Mac malware? Has this ever happened to you? Drop us a line below in the comments, or carry the discussion to our Twitter or Facebook.
Editors’ Recommendations:
- The best antivirus software
- Does antivirus software slow down internet speed?
- Mac users: delete these apps – they’re riddled with malware
- Fake LastPass app makes its way onto App Store, nets 5-star review