Recorded Future’s Insikt Group identified that Vortax, a purported virtual meeting software, spreads three infostealers—Rhadamanthys, Stealc, and Atomic macOS Stealer (AMOS). This extensive campaign targets cryptocurrency users, exploiting macOS vulnerabilities. Operated by the threat actor “markopolo,” this campaign has significant implications for macOS security, indicating a potential increase in AMOS attacks.
The Travels of “markopolo”: Self-Proclaimed Meeting Software Vortax Spreads Infostealers, Unveils Expansive Network of Malicious macOS Applications
While monitoring data in Recorded Future Malware Intelligence, Recorded Future’s Insikt Group has identified a widespread cyberattack campaign involving Vortax, a supposed virtual meeting software. Once downloaded…
Source link
