Urgent warning to millions of Apple users over ‘fake update’ that steals money and passwords

Apple users beware: researchers have uncovered a new malware wreaking havoc on Mac devices.

Initially targeting Windows users back in July, the crafty cyber threat is spreading - now setting its sights on owners of Apple products, specifically those running macOS.

Being tracked as ClearFake, the threat comes in the form of a fake browser created by an existing malware called Atomic Stealer - also known as AMOS.

NurPhoto / Contributor / Getty Images

The way it works is pretty sly. It bombards users with bogus Google Chrome update notifications thanks to some sneaky JavaScript injections - basically tricking victims into downloading the malware under the disguise of a popular application.

Security firm Malwarebytes said that because ClearFake has become one of the main social engineering campaigns recently - meaning it uses nefarious tactics to gain your information - Mac users should be particularly careful.

“This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only in terms of geolocation but also the operating system,” the browser guard company said in a blog post.

“With a growing list of compromised sites at their disposal, the threat actors are able to reach out to a wider audience, stealing credentials and files of interest that can be monetized immediately or repurposed for additional attacks.”

So, if you're browsing on a Mac and stumble upon a compromised website, be vigilant: you might unwittingly download a malicious file designed to mess with your system and maybe even steal your data.

It reportedly has the potential to pilfer your passwords, swipe documents, photos, videos and even raid over 50 cryptocurrency extensions and keychain passwords. The stolen data then typically ends up on the attacker's servers, where it's used for all sorts of dodgy deeds like identity theft, financial fraud and extortion.

NurPhoto / Contributor / Getty Images

Malwarebytes recommends using web protection tools to block any malicious software associated with the threat.

Try to steer clear of apps from unofficial sources, as they could be masked malware. Also, those weird pop-up windows that scream 'Download me!'? Just say no. It's better to play it safe than sorry when it comes to protecting your digital life.

Think your Mac might already be hosting this unwelcome visitor? Whip out your antivirus software and give your computer a thorough scan.

Be sure to keep an eye on your browser extensions for anything that looks out of place, too. And remember, keeping your device up-to-date is also crucial.