--- title: "Coercive Hackers Extorting Payments, Personal Data Leaked by Cybercriminals, New MacOS Info-Stealer Discovered – Cybersecurity News | Phish Protection" description: "Coercive Hackers Extorting Payments, Personal Data Leaked by Cybercriminals, New MacOS Info-Stealer Discovered – Cybersecurity News: Threat actors." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-17-of-2023.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-17-of-2023/" --- Quick Answer Threat actors continue to expand their net and compromise systems worldwide in today's evolving \*\*cyber threat landscape\*\*. Follow this article for the latest \[phishing\](/resources/what-is-phishing) and breach-related updates this week. It is crucial to watch out for potential problems and take necessary \[phishing protection\](/) measures with regard to your company. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-17-of-2023%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Coercive%20Hackers%20Extorting%20Payments%2C%20Personal%20Data%20Leaked%20by%20Cybercriminals%2C%20New%20MacOS%20Info-Stealer%20Discovered%20%26%238211%3B%20Cybersecurity%20News&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-17-of-2023%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-17-of-2023%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-17-of-2023%2F&title=Coercive%20Hackers%20Extorting%20Payments%2C%20Personal%20Data%20Leaked%20by%20Cybercriminals%2C%20New%20MacOS%20Info-Stealer%20Discovered%20%26%238211%3B%20Cybersecurity%20News "Share on Reddit") [ ](mailto:?subject=Coercive%20Hackers%20Extorting%20Payments%2C%20Personal%20Data%20Leaked%20by%20Cybercriminals%2C%20New%20MacOS%20Info-Stealer%20Discovered%20%26%238211%3B%20Cybersecurity%20News&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-17-of-2023%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2023/04/anti-phishing-solutions-0716.jpg) Threat actors continue to expand their net and compromise systems worldwide in today’s evolving **cyber threat landscape**. Follow this article for the latest [phishing](/resources/what-is-phishing) and breach-related updates this week. It is crucial to watch out for potential problems and take necessary [phishing protection](/) measures with regard to your company. ### Hackers Using New Tactics Like Coercion To Extort Payments GuidePoint Security recently published its Q1 2023[GRIT Ransomware Report](https://www.guidepointsecurity.com/blog/quarterly-grit-ransomware-report-q1-2023/), in which researchers say that prominent ransomware groups are **increasingly** adopting innovative coercive strategies like [double extortion](https://gca.isa.org/blog/double-extortion-ransomware-what-it-is-and-how-to-respond#:~:text=In%20double%20extortion%2C%20cybercriminals%20encrypt,is%20unpaid%20by%20a%20deadline.) modus operandi. Furthermore, they observed Medusa and AlphV leaking sensitive information and pressuring victims to pay. In 2023 beginning, the LockBit ransomware group released negotiation chat logs with one of its victims, Royal Mail, which had failed. Although it is not an entirely new method, the ransomware groups probably use it to deter **aggressive negotiation tactics** and strengthen the effectiveness of their shaming strategies. Other coercive measures that ransomware groups deploy include launching [DDoS attacks](https://www.scmagazine.com/news/identity-and-access/killnet-ddos-attacks-decline-healthcare) and leaking selective data to the public to **gain media attention** and cause reputational damage to targeted organizations. ### Israel: Cybercriminals Leak Personal Details As Netanyahu’s Facebook Account Targeted Cybercriminals targeted Israeli Prime Minister Benjamin Netanyahu’s **Facebook account** on Wednesday evening and leaked identities and names of numerous Israelis. Additionally, another[cyber-attack](https://www.middleeastmonitor.com/20230427-israel-hackers-leak-thousands-of-personal-details-as-netanyahus-facebook-account-targeted/?&web%5Fview=true)targeted the country’s Atid group. The [cybercriminals](/blog/cybercriminals-are-duping-millions-of-accounts-in-the-latest-facebook-phishing-campaign/) started **broadcasting audio** content in Persian and Arabic on Netanyahu’s account, which the authorities removed “minutes” after the attack. According to Yedioth Ahronoth, a hacker group that goes by the name Sharpboys published “a file with 200,000 records , including victim names, identity cards, and addresses.” > In response, the Atid group said, “Hackers from **hostile countries** attempted to compromise the accounts of leading [educational institutions](https://www.fenews.co.uk/education/forty-seven-per-cent-of-educational-institutions-experienced-cyberattacks-on-their-cloud-infrastructure-in-2022/) in Israel, and we thwarted the attempt. As far as we know, little information was leaked.” ![Anti phishing solutions](https://media.mailhop.org/phishprotection/images/2023/04/anti-phishing-solutions-0716.jpg) ### Researchers Discover A New macOS Info-Stealer, Atomic. The Cyble research team discovered the latest **info-stealer malware**, which steals sensitive information like cookies, financial details, local files, and passwords stored in macOS browsers. Named[Atomic macOS Stealer](https://cyware.com/news/atomic-new-macos-info-stealer-in-town-34496257)(aka AMOS or Atomic), the developer is enhancing it with new features, and it received the latest update on April 25. _According to the researchers, Atomic is available for download on a private Telegram channel for a monthly subscription of $1,000._ It scans the system for installed software and steals details from them. The targeted applications are cryptocurrency [wallets](https://www.hackread.com/hackers-crypto-wallets-namecheap-phishing/) (Electrum, Atomic, Binance, and Exodus) and **web browsers** (Google Chrome, Firefox, Opera, Microsoft Edge, Yandex, and Vivaldi). ### Cyberattack Disrupts A Massachusetts City Government, Shuts Down Computers The City of Lowell recently alerted its residents about a cyberattack that targeted the municipality’s **computer systems**. City Manager Tom Golden said, “We realized around 3 to 5 a.m. Monday that there was a breach”, further adding that phones, emails, and other [city systems](https://threatpost.com/cyberattack-downs-pensacolas-city-systems/150982/) were **down** as a result. “The City’s Management Information Systems Department (MIS) discovered a **network disruption** impacting various systems. Consequently, the MIS determined that the best action was **segmenting and isolating** the systems to troubleshoot them further. Hence, phones, servers, networks, and systems throughout the City remained inaccessible as we focused on protecting the City’s data assets,” said a statement on Lowell city’s[Twitter page](https://www.cbsnews.com/boston/news/cyberattack-lowell-city-government/?&web%5Fview=true). ### Cybercriminals Use Over 3,000 Fake Facebook Profiles For Luring Victims Group-IB researchers detected a[huge phishing campaign](https://cyware.com/news/scammers-use-over-3000-fake-facebook-profiles-to-lure-victims-56b735d0)between February and March involving **fake Meta support staff** Facebook profiles. The attackers used approximately 3,200 profiles they created or hacked from genuine users. Out of the fake profiles, cybercriminals made 1,200 in March alone. According to the researchers, the [hackers](/phishing/hackers-now-going-after-software-tools-which-help-workers-collaborate) developed these pages in over **20 different languages**, and the key targets included public figures, sports personalities, celebrities, and businesses. ![Phishing Attacks Statistics](https://media.mailhop.org/phishprotection/images/2023/04/Phishing-Attacks-Statistics-1.png) When the potential victims clicked on the links on these fake pages, they were redirected to over 220 **phishing sites** having Meta or Facebook branding. The researchers said that the cybercriminals used these sites for phishing or [session hijacking attacks](https://owasp.org/www-community/attacks/Session%5Fhijacking%5Fattack#:~:text=The%20Session%20Hijacking%20attack%20compromises,access%20to%20the%20Web%20Server.). ### US Navy Contractor, The Fincantieri Marine Group Targeted In A Cyber-Attack A US commercial and defense shipbuilder having ties with the government became a **ransomware attack** target on April 12. [Fincantieri Marine Group (FMG)](https://www.infosecurity-magazine.com/news/us-navy-contractor-cyberattack/?&web%5Fview=true)acknowledged the cyberattack in a statement to USNI News last week and said it affected its **email server** and network operations. The statement reads, “The Fincantieri Marine Group suffered a network breach last week that explains the **temporary disruption** to a few computer systems on its network.” > “Our network security officials **immediately isolated** the targeted systems and reported the incident to the relevant partners and agencies. Furthermore, we roped in additional resources for investigating the incident and quickly **restoring full functionality** to the impacted systems.” The company is a subsidiary of Italy-based Fincantieri SpA. It said **no evidence** suggests that the cyberattack impacted [employees’ personal information](https://toronto.citynews.ca/2023/02/23/indigo-cybersecurity-hack-website-down/). The incident highlights the **potential impact** of such attacks on industrial control systems and why businesses need **robust detection systems** to identify and respond to such threats. Even if there was no [data theft](https://www.bleepingcomputer.com/news/security/rubrik-confirms-data-theft-in-goanywhere-zero-day-attack/), the disruption caused by the attack has severe operational and financial implications . ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Coercive Hackers Extorting Payments, Personal Data Leaked by Cybercriminals, New MacOS Info-Stealer Discovered – Cybersecurity News","description":"Coercive Hackers Extorting Payments, Personal Data Leaked by Cybercriminals, New MacOS Info-Stealer Discovered – Cybersecurity News: Threat actors.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-17-of-2023/","datePublished":"2023-04-24T04:40:47.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2023-04-24T04:40:47.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-17-of-2023/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":871,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2023/04/anti-phishing-solutions-0716.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Coercive Hackers Extorting Payments, Personal Data Leaked by Cybercriminals, New MacOS Info-Stealer Discovered – Cybersecurity News","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-17-of-2023/"}]} ```