LastPass has issued a warning to macOS users regarding fake GitHub repositories distributing the Atomic infostealer malware disguised as legitimate tools, according to Security Affairs.The LastPass Threat Intelligence, Mitigation, and Escalation (TIME) team has identified an ongoing infostealer campaign targeting Mac users through fraudulent GitHub repositories. These repositories redirect users to download the Atomic macOS infostealer under the guise of legitimate software. The malicious actors behind the campaign use SEO tactics to elevate their fraudulent sites in search engine results, particularly targeting tech firms, banks, and password managers. LastPass has identified and taken down two of these fake GitHub repos, which were created by multiple usernames to evade removal efforts.This malware campaign poses a significant threat to macOS users, as it impersonates popular tools like 1Password, Dropbox, and others to deceive victims. The sharing of indicators of compromise (IoCs) by security teams is crucial for detecting and mitigating the impact of such attacks.Source: Security Affairs
