Just Another Blue Teamer

@LeeArchinal@ioc.exchange

Happy Monday everyone!

CrowdStrike is reminding us that just because some of us use Macs, doesn't mean we are malware proof! In this case the cybercriminal group dubbed

#COOKIESPIDER
 was deploying their stealer known as
#SHAMOS
.

Using a combination of malvertising and the

#ClickFix
technique, the group would trick their victim's into installing the Shamos stealer which leads to it running "host reconnaissance and data collection tasks, including searching for known cryptocurrency-related wallet files and sensitive credential-based files on disk".

As always, take a read for yourself to see all the details I left out! Enjoy and Happy Hunting!

Falcon Platform Prevents COOKIE SPIDER’s SHAMOS Delivery on macOS
crowdstrike.com/en-us/blog/fal

Intel 471 Cyborg Security, Now Part of Intel 471

#ThreatIntel
#ThreatHunting
#ThreatDetection
#HappyHunting
#readoftheday

August 25, 2025 at 4:26:02 PM

Elk Logo

Welcome to Elk!

Elk is a nimble Mastodon web client. You can login to your Mastodon account and use it to interact with the fediverse.

Expect some bugs and missing features here and there. Elk is Open Source and we're actively improving it as a community project. Join us and let's build it together!

If you'd like to report a bug, help us testing, give feedback, or contribute, reach out to us on GitHub and get involved.

To boost development, you can sponsor the Team through GitHub Sponsors. We hope you enjoy Elk!

Patak三咲智子 Kevin DengJoaquín SánchezTAKAHASHI ShuujiAnthony FuDaniel Roe

The Elk Team