Jamf Threat Labs researchers analyzed info stealer malware attacks targeting macOS users via malicious ads and rogue websites.
One of the attacks spotted by the researchers relied on sponsored ads proposed to the users while searching for “Arc Browser” on Google. The search engine proposed a malicious site aricl[.]net that imitates the legitimate arc.net.
Reddit users also described the malicious ads in a discussion. The researchers noticed that the malicious website can only be visited through a generated sponsored link; otherwise, it returns an error. This technique allows for evasion of detection.
