Hackers have got a new way to reach and corrupt the macOS. The threat actors are reportedly selling a new malware name ‘Atomic macOS Stealer’ (AMOS) on the Telegram app. On their channel on the app, the seller is majorly targeting macOS platforms, which are capable of extracting autofill information, passwords, wallets, and more.
According to Cyble Research and Intelligence Labs (CRIL), the Atomic macOS Stealer malware is specifically designed to target macOS and can steal sensitive information from the victim's machine.
The researchers have discovered that the Telegram channel has been advertising this new information-stealing malware. Furthermore, the report stated that the hacker behind this stealer is constantly improving this malware and adding new capabilities to make it more effective.
The malware's most recent update was seen in a Telegram post on April 25, highlighting its latest features. As per the report, the Atomic macOS Stealer can steal various types of information from the victim's machine, including keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password.
In addition, the malware is designed to target multiple browsers and can extract auto-fills, passwords, cookies, wallets, and credit card information. Specifically, AMOS can target cryptowallets such as Electrum, Binance, Exodus, Atomic, and Coinomi.
The threat actor also offers additional services such as a web panel for managing victims, meta mask brute-forcing to steal seed and private keys, a crypto checker, and a dmg installer, after which the logs are shared via Telegram. These services are available for $1,000 per month.
However, the report mentioned that macOS users can protect their systems from AMOS malware by installing a .dmg file on their machines. After installing, users will need to authenticate the installation with a user password with a fake system dialogue box following installation. Once installed, it will scan for sensitive information, which it will steal with the system password if necessary, and send to a remote server.
ALSO READ: OnePlus Pad launched in India, pre-booking starts: Know more
ALSO READ: Microsoft brings Phone Link for iOS on Windows 11 with iMessage support
Inputs from IANS
