Your Favorite Websites Could Be a Trap 🕸️

Imagine this: You’re browsing a trusted website, and suddenly, a pop-up claims your Chrome browser needs an urgent update. Sounds legit, right? WRONG. Hackers are exploiting outdated WordPress sites and plugins to hijack your browser and push malware designed to steal your passwords, crypto wallets, and sensitive data. This isn’t a drill—it’s happening RIGHT NOW.

“This is a widespread and very commercialized attack. It’s a spray-and-pay campaign targeting anyone who visits these compromised sites.”

Himanshu Anand, c/side Security Researcher

How the Attack Works 🎯

Here’s the playbook hackers are using to infiltrate your devices:

• Step 1: Hackers exploit outdated WordPress plugins and themes to inject malicious scripts into websites.
• Step 2: When you visit the compromised site, a fake Chrome update page appears, urging you to download an “update.”
• Step 3: Depending on your OS, you’re prompted to download either Amos Atomic Stealer (for Mac) or SocGholish (for Windows).
• Step 4: Once installed, the malware steals your credentials, session cookies, and even crypto wallets, handing hackers the keys to your digital kingdom.

Why This Attack is So Dangerous 💣

This isn’t just another phishing scam. It’s a full-blown cyberwar targeting EVERYONE. Here’s why it’s terrifying:

• Scale: Over 10,000 websites have already been compromised, including some of the most popular sites on the internet.
• Stealth: The malware is designed to blend in, masquerading as legitimate updates.
• Profit-Driven: Hackers are using a malware-as-a-service model, selling access to tools like Amos Atomic Stealer on platforms like Telegram.

“Amos is definitively the most prolific stealer on macOS. It’s a wake-up call for Apple users to stay vigilant.”

Patrick Wardle, macOS Security Expert

How to Protect Yourself 🛡️

Don’t let hackers win. Here’s how to stay safe:

• Update Your Browser: Always update Chrome through its built-in software update feature—never trust third-party prompts.
• Install Trusted Apps: Only download software from official sources like the App Store or verified developers.
• Check Website Security: Use tools like c/side to scan for malicious scripts on websites you frequent.
• Enable Two-Factor Authentication (2FA): Even if hackers steal your password, 2FA adds an extra layer of protection.

The Bigger Picture 🌍

This attack is a stark reminder of the growing sophistication of cybercriminals. From the Snowflake data breach in 2024 to this WordPress hijacking campaign, hackers are getting bolder and more organized. The stakes? Your personal data, your money, and your digital identity.

Stay sharp, stay updated, and don’t let hackers win. Your online safety depends on it.