Cybercriminals are ramping up their use of fake software updates to distribute malware, and Mac users are in the crosshairs with a new strain.

The truth of the matter is that new hacking groups are emerging all the time, along with new Mac malware threats that target your device. Two new criminal enterprises have been identified with one common and dangerous denominator: FrigidStealer Apple data theft attacks.

Proofpoint has identified a new MacOS malware delivered via web inject campaigns that researchers dubbed “FrigidStealer.” The data protection company says the web inject campaign landscape is increasing,

The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer.

TA2726, per the enterprise security firm, acts as a TDS for TA2727 and another threat actor called TA569, which is responsible for the distribution of a JavaScript-based loader malware referred to as SocGholish (aka FakeUpdates) that often masquerades as a browser update on legitimate-but-compromised sites.

As reported by BleepingComputer, a new FakeUpdate campaign has been spotted online by security researchers at Proofpoint. What sets this campaign apart from previous ones is the fact that it’s being used to deliver a new Mac malware called FrigidStealer to the best MacBooks and other Apple computers.

Researchers warn of rising macOS-targeted attacks as hackers exploit fake updates to bypass security. FrigidStealer malware highlights growing enterprise risks.