Infiniti Stealer macOS malware attack using fake Cloudflare CAPTCHA verification page

A newly discovered macOS malware, Infiniti Stealer, is targeting users through fake Cloudflare CAPTCHA verification pages. This attack uses a social engineering technique called ClickFix, tricking users into running malicious Terminal commands instead of exploiting software vulnerabilities.

Infiniti Stealer macOS malware attack using fake Cloudflare CAPTCHA verification pageInfiniti Stealer macOS malware attack using fake Cloudflare CAPTCHA verification page

The malware steals sensitive data including browser credentials, macOS Keychain information, cryptocurrency wallets, and developer secrets. It operates silently in the background and sends stolen data to remote servers.

Infiniti Stealer macOS malware attack using fake Cloudflare CAPTCHA verification pageInfiniti Stealer macOS malware attack using fake Cloudflare CAPTCHA verification page

The attack follows a three-stage infection process, making detection difficult. Security experts warn that no legitimate CAPTCHA will ever ask users to execute commands in Terminal.


NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, FraudProtector.net