What is ClearFake? Is It a Big Threat After DeepFake in 2023?

Now the issue of Deepfake has not stopped yet another problem has arisen which is called ClearFake. Today we will try to know about what is ClearFake, how does ClearFake work and other related issues.

Randy McEoin, a cybersecurity researcher, published an analysis of a new malicious JavaScript framework deployed on compromised websites to deliver additional malware via the drive-by download technique on August 26, 2023. 

It was named ClearFake owing to the clear text JavaScript injected into the compromised website.

What is ClearFake?
What is ClearFake?

What is ClearFake?

At the beginning of 2023, researchers identified Atomic macOS Stealer (AMOS), an advanced malware that primarily targets Apple users, as a new cyber threat. But, it does not mean that Windows and other OS based systems are safe.

Once installed, the AMOS malware can steal your private data from your infected device and it can get you into trouble. Credit card numbers, cryptocurrency wallet passwords, iCloud Keychain passwords, etc. are examples of this data which will be compromised. 

Even though the malware was already dangerous, a recent revelation shows that hackers are now using a fake browser update chain known as “ClearFake” to infect Mac users with AMOS.

As I said earlier, “ClearFake” is a fake browser update chain which is basically a malicious Javascript framework. It is a type of Deepfake but more dangerous than that.

How Does ClearFake Work?

ClearFake is a type of Deepfake that is created by manipulating images or videos etc. with machine learning to make them appear genuine. Image splicing, facial recognition, and voice synthesis are some of the techniques that can be used.

It can be used to disseminate misinformation, fabricate fake news stories, and impersonate individuals. According to Malwarebytes, a provider of cyber threat alert systems, hackers are infecting Mac users with AMOS using the ClearFake technique.

ClearFake was discovered in Windows attacks and spreads fake Safari and Chrome browser updates via hacked websites. 

Attackers are reaching more people by utilizing this growing network of hijacked websites. They can obtain sensitive data and login credentials from users who download the virus, which they can use for future attacks or immediate financial gain.

What is ClearFake?
What is ClearFake?

You may also like:

How ClearFake Installs Malware in Mac or Other Systems?

ClearFake is being used to distribute AMOS [i.e., Atomic MacOS Stealer malware] that steals important information from its victims especially from the Apple systems or systems based on Mac OS. But, it is equally dangerous for Windows or other OS based systems.

In order to inject malicious JavaScript code, the attackers create bogus websites. When a user visits such a website, he or she will see fraudulent prompts that appear to be official Safari or Chrome browser updates. These notifications have been carefully designed to encourage users to click, thereby initiating the download and installation of AMOS malware in their systems.

After clicking the link to the false update, unsuspecting users are directed to a website that secretly downloads and installs AMOS malware onto their systems. 

After installation, AMOS infiltrates the victim’s system invisibly, gaining unauthorized access to sensitive data. Its primary goal is to steal your sensitive information such as iCloud Keychain passwords, credit card numbers, and cryptocurrency wallets etc. and to put you into trouble.

ClearFake’s adaptability causes concern because it is also targeting Windows users in addition to macOS users. This is how attackers are expanding their domain of foul play.

This shift highlights the changing nature of cyber attack techniques, emphasizing the importance of increased awareness and proactive measures.

What Is The Difference Between ClearFake and Deepfake?

ClearFake is a form of Deepfake in which attackers use machine learning and AI to manipulate photos, videos etc. and try to deceive people. 

On one hand, through Deepfake technology, fraud people can blackmail the deceived people with their fake photos and videos and can tarnish their reputation, on the other hand, through ClearFake, these people can also steal their hard earned money and put them in trouble.

How To Prevent ClearFake?

To keep your system safe from ClearFake, you should follow the following tips:

  • Use trustworthy sources for downloading or updating software. Don’t download software from untrusted or unknown sources.
  • When urged to bypass macOS GateKeeper protections, proceed with caution. If an app asks you to circumvent these safeguards, it should raise a red flag, and you should proceed with caution.
  • Check the legitimacy of an app before installing it from a source other than the Mac App Store or other trusted source. Check the website’s creation date to ensure its authenticity.
  • Updating operating systems and software is critical for ensuring that security flaws are addressed and the most recent security measures are in place.
  • Update Safari or Chrome browsers etc. from its official sources.
  • Use of good Antivirus or Anti-Malware software can diminish the threat of ClearFake.


What is ClearFake?
What is ClearFake?


What To Do If You Are A Victim of ClearFake?

  • Immediately disconnect your system from the network or Wi-Fi.
  • Block your Credit Card, Debit Card, UPI etc. immediately or change their password.
  • Keep an eye on your credit card’s and other financial statements. If abnormality is observed, immediately contact the concerned bank or concerned financial institutions.
  • Maintain regular backups of your system so that it can be used after restoration of your system.
  • Format the system and then install the new operating system.
  • Report immediately to the Cybercrime Prevention Cell or related department.


We have seen in this article, how fraud people can put you in big trouble by using the latest cybercrime techniques like ClearFake which is one step ahead from its elder brother Deepfake. So, my friend, be cautious and do take all the necessary precautions while using the Internet.

That’s all my friends for now! I hope this article will be valuable for you. I will love your valuable comments and feedback. You can reach me through the emails given below.


Abhijit Ranjan



1 thought on “What is ClearFake? Is It a Big Threat After DeepFake in 2023?”

Leave a comment