Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
New Malware ClickLock Stealer Exploits macOS Vulnerabilities

New Malware ClickLock Stealer Exploits macOS Vulnerabilities

Posted on July 16, 2026 By CWS

A recently identified threat, ClickLock Stealer, has emerged as a significant challenge to macOS security. This malware leverages social engineering tactics alongside process termination to circumvent the operating system’s defenses, in turn gathering sensitive user information.

Discovery and Impact

The cybersecurity firm Group-IB first detected ClickLock Stealer in early June, revealing that the malware had likely been active since late May. It has since targeted at least 100 individuals across 33 countries, predominantly affecting users in Europe.

ClickLock Stealer is engineered to extract a wide array of data from compromised machines. This includes information from web browsers, cryptocurrency wallets and their extensions, and password manager extensions. Additionally, it can capture blockchain addresses from six different chains, access the macOS Keychain, and retrieve FTP credentials and shell history. The collected data is then compressed into an archive and transmitted to a Telegram bot for further exploitation.

Distribution and Methodology

While the precise distribution method of ClickLock Stealer remains unclear, researchers suggest that attackers may have utilized SEO poisoning, social media channels, or compromised websites to drive victims to a deceptive ClickFix page masked as a Cloudflare verification step. This page instructs users to execute a bash command in macOS Terminal, leading to the download and execution of an orchestrator script.

This orchestrator script is responsible for fetching additional malware scripts, including a credential stealer, a cryptocurrency stealer, a Keychain stealer, and a backdoor installer. Though the backdoor persists on the infected system, the other scripts self-delete after completing their data collection tasks.

Exploitation Techniques

The design of macOS, with its inherent security features, typically poses challenges for malware deployment. However, ClickLock Stealer’s reliance on social engineering allows it to be installed with user privileges without requiring exploits or privilege escalation.

To extract the desired data, the malware employs continuous process-killing loops. The orchestrator component tricks users by displaying a counterfeit macOS dialog to capture their passwords, terminating all visible processes until the user complies. This aggressive approach includes repeatedly terminating the macOS NotificationCenter for about six hours to suppress security alerts that might notify victims of the ongoing attack.

Further, when attempting to access the macOS Keychain for the Chrome Safe Storage encryption key, the malware prompts users for authorization while simultaneously terminating other processes to ensure compliance.

ClickLock Stealer exemplifies the evolving threat landscape targeting macOS systems. Users are urged to remain vigilant, update their systems regularly, and exercise caution when executing commands or downloading files from unverified sources.

Security Week News Tags:ClickLock Stealer, cryptocurrency theft, Cybersecurity, data theft, Group-IB, Keychain, macOS security, Malware, password manager, social engineering

Post navigation

Previous Post: Cybersecurity Threats: Game Cheat Spyware and More
Next Post: Linux Welcomes AI with Responsible Use, Says Torvalds

Related Posts

Iran-Linked Cyber Attacks Threaten US Amidst Ongoing Conflict Iran-Linked Cyber Attacks Threaten US Amidst Ongoing Conflict Security Week News
Two-Year-Old Ray AI Framework Flaw Exploited in Ongoing Campaign Two-Year-Old Ray AI Framework Flaw Exploited in Ongoing Campaign Security Week News
Exposed VNC Servers Threaten Industrial Control Systems Exposed VNC Servers Threaten Industrial Control Systems Security Week News
Recently Disrupted DanaBot Leaked Valuable Data for 3 Years Recently Disrupted DanaBot Leaked Valuable Data for 3 Years Security Week News
RondoDox Botnet Exploiting React2Shell Vulnerability RondoDox Botnet Exploiting React2Shell Vulnerability Security Week News
Cyberwarfare Threats in 2026: Nation-State vs. Criminal Activities Cyberwarfare Threats in 2026: Nation-State vs. Criminal Activities Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • AnyDesk Vulnerability Risks Denial-of-Service Attacks
  • PhantomEnigma Hijacks Government Sites for Malware
  • Linux Welcomes AI with Responsible Use, Says Torvalds
  • New Malware ClickLock Stealer Exploits macOS Vulnerabilities
  • Cybersecurity Threats: Game Cheat Spyware and More

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • AnyDesk Vulnerability Risks Denial-of-Service Attacks
  • PhantomEnigma Hijacks Government Sites for Malware
  • Linux Welcomes AI with Responsible Use, Says Torvalds
  • New Malware ClickLock Stealer Exploits macOS Vulnerabilities
  • Cybersecurity Threats: Game Cheat Spyware and More

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark