Windows has always been a favorite target for hackers, but it seems they have now figured out how to actively target Macs as well. We’ve seen an alarming rise in malware affecting Mac computers, stealing personal data and cryptocurrency. Threat actors are now using AI along with elaborate social engineering tricks to target Apple users, and the company doesn’t seem to be doing much about it. Meanwhile, a cybersecurity report has identified a new Mac malware called FrigidStealer, which spreads through fake browser updates and compromised websites.

What you need to know
A new malware strain called FrigidStealer is targeting macOS users as part of a broader campaign involving fake update scams, cybersecurity firm Proofpoint reported. FrigidStealer spreads through compromised websites that display deceptive browser update prompts. When users click on these prompts, they unknowingly download a malicious DMG file. Once executed, the malware requests the user’s system password to gain elevated privileges before stealing sensitive information, including browser cookies, password-related files, cryptocurrency data, and Apple Notes. Proofpoint identified two new threat actors behind the operation: TA2726, which functions as a traffic distribution service provider, and TA2727, which delivers FrigidStealer to Mac users. The campaign also deploys malware on Windows and Android devices, signaling a multi-platform attack strategy. The cybersecurity firm assessed with high confidence that TA2726 distributes traffic for other malware campaigns as well. Some operations previously attributed to TA569 have now been reclassified under TA2726 and TA2727.
TA569—also known as Mustard Tempest, Gold Prelude, and Purple Vallhund—is linked to the cybercrime syndicate EvilCorp and was first identified in 2022.
Proofpoint also assessed with moderate confidence that TA2727 purchases traffic through online forums to spread malware, which could be it’s own or that of potential clients. “These are traffic sellers and malware distributors and have been observed in multiple web-based attack chains like compromised website campaigns,” the report stated, “including those using fake update-themed lures.”

Proofpoint
BEST ANTIVIRUS FOR MAC, PC, IPHONES AND ANDROIDS – CYBERGUY PICKS
Infostealers are on the rise
Threat intelligence platform KELA reported that hackers using Lumma, along with StealC, Redline, and other infostealers, infected 4.3 million machines in 2024, compromising an estimated 330 million credentials. Security researchers also observed 3.9 billion credentials circulating in lists that appear to originate from infostealer logs.
Infostealer malware is expected to remain a persistent threat in 2025. With malware-as-a-service platforms on the rise and infostealers becoming more sophisticated, cybercriminals will likely continue relying on them as a primary tool for stealing credentials and infiltrating systems.

FROM TIKTOK TO TROUBLE: HOW YOUR ONLINE DATA CAN BE WEAPONIZED AGAINST YOU
Watch the latest episode of The CyberGuy Report.
Missed this event? Sign up via the registration form and see our live recording.
See Kurt’s latest Amazon picks for useful gadgets, smart home upgrades and everyday tech worth grabbing while the deals last.
4 ways to stay safe from infostealer malware
As infostealer malware continues to grow in sophistication, taking proactive steps to protect your data is more important than ever. Here are four key ways to safeguard yourself from threats like FrigidStealer, Lumma, and other credential-stealing malware.
1) Beware of fake software updates: One of the most common infection methods is through deceptive browser update prompts. Never download updates from pop-ups or random websites. Instead, always update your software directly from official sources, such as the App Store or the application’s official website. If in doubt, check out my detailed guide on how to keep your device and software updated.
2) Enable two-factor authentication (2FA): Even if your credentials are stolen, 2FA adds an extra layer of security by requiring a secondary verification method, such as a one-time code sent to your phone. Use 2FA for all critical accounts, including email, banking, and cloud services.
3) Use a Password Manager: Many infostealers target saved passwords in web browsers. Instead of relying on your browser to store credentials, use a dedicated password manager.
- Unlimited password storage
- Secure sharing
- Password health reports
- Auto-fill and emergency access
- Data breach monitoring to alert you if your credentials have been exposed
- A Security Dashboard with tools like the Data Breach Scanner and Password Health Checker to identify weak, reused, or compromised passwords
CyberGuy Exclusive Deal: Save 52% now with CyberGuy’s exclusive NordPass offer – Get 1 extra month FREE with a 2-year plan. Try 30 days risk-free for only $1.43 per month!
4) Be cautious with downloads and links, and use strong antivirus: Infostealer malware often spreads through malicious downloads, phishing emails, and fake websites. Avoid downloading software or files from untrusted sources, and always double-check links before clicking them. Attackers disguise malware as legitimate software, game cheats, or cracked applications, so it is best to stick to official websites and app stores for downloads.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
- Strong real-time protection against viruses, malware, ransomware and hacking attempts
- AI-powered scam protection to help identify suspicious emails, texts and websites
- Built-in password manager to securely store and manage logins
- 2 GB PC cloud backup to help protect important files from ransomware or hardware failure
- Smart firewall and phishing protection
- Protects 1, 3 or 5 devices
- Available for Windows, macOS, Android and iOS
- Includes real-time threat protection, smart firewall and phishing protection to guard against online attacks
HERE’S WHAT RUTHLESS HACKERS STOLE FROM 110 MILLION AT&T CUSTOMERS
Kurt’s key takeaway
As the digital landscape evolves, so do the nasty threats we face. FrigidStealer is just the latest reminder that no platform, not even macOS, is immune to the growing sophistication of cybercriminals. With infostealers like Lumma, StealC, and Redline already compromising millions of devices and billions of credentials in 2024, the rise of AI-driven attacks and social engineering scams signals a challenging road ahead.
Do you think companies like Apple should be doing more to combat these evolving threats? Let us know in the comments below.
FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Copyright 2025 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.

1 comment
It is not just Apple that needs to put effort into securing its software. All software creators need to step up to the plate. Also, the political candidate that puts cyber security at the top of their agenda will get my vote no matter what party.