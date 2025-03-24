New Delhi: Threat actors behind a sophisticated phishing attack against Windows users, have now switched gears to target Mac users.

The hackers changed their target to Mac and Safari users after Microsoft issued a new anti-scareware update for its Edge browser, according to a report by ZDnet.

The report stated that cybersecurity firm LayerX Labs has uncovered a phishing campaign intended to steal potential victims’ Apple ID credentials.

“Such access could give them access to the user’s iCloud account, including files, pictures, phone backups, and more. Moreover, once hackers have one password belonging to a user, they often try to do ‘credential stuffing’ across multiple systems and services,” Eyal Arazi, the product marketing head at LayerX, was quoted as saying.

According to LayerX, the scammers behind the phishing attack ramped up their activities between 2024 to 2025 after it turned out to be initially successful.

The modus operandi of the campaign against Windows users involved fake websites that had been set up by the scammers. These websites were well-designed and looked professional. They displayed fake security warnings to trick potential victims into thinking that their device has been hacked.

After the scam victim had been duped into entering their Windows username and password, the bad actors would execute lines of code to freeze the web page in order to make it seem like their devices had, indeed, been hacked.

The fake websites were reportedly hosted on Microsoft’s Windows.net platform, which appeared to give the fake security warnings some legitimacy. The scammers run the code to freeze the site through random sub-domains under Windows.net

The scammers were also able to avoid detection for long by frequently updating the phishing sites and using anti-bot and CAPTCHA verification to block automated web crawlers security professionals use to find malicious pages.