According to a new report from Cyble Research and Intelligence Labs (CRIL), hackers have created new malware that targets macOS and steals important private information, such as keychain and macOS user account passwords, system information, and files in the Desktop and Documents folders.
Dubbed Atomic macOS Stealer (AMOS), the malware also targets browsers and searches for information such as usernames, passwords, credit card numbers, cookies, etc. CRIL research also revealed that AMOS specifically targets crypto wallets from Atomic, Binance, Coinomi, Electrum, Exodus and others.
“The [threat actor] behind this stealer is constantly improving this malware and adding new features to make it more effective,” according to CRIL, which found AMOS on Telegram, a service that offers private messaging channels. In one of these channels, the creators of AMOS advertised their malware for $1,000 per month. If one were to enlist AMOS, they would have access to the malware, as well as “a web panel for victim management, brute force metamask to steal seed and private keys, a crypto checker, and a program dmg installation, after which it shares the logs via Telegram.”
AMOS spreads via unsigned disk image files (.dmg), which are common when downloading new applications. When the user opens the .dmg file, they are asked to enter their Mac user password, which then triggers the malware. The .dmg file may have filenames that appear legitimate – instances of fake disk images labeled “Notion-7.0.6.dmg”, “Photoshop CC 2023.dmg”, and “Tor Browser.dmg” have been reported on VirusTotal, a website that analyzes suspicious files and tracks them in a database.
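A defender can check for the delivery pattern described above before a disk image is ever opened. The script below is an added example, not code from CRIL or from this article: it asks Gatekeeper (`spctl`) whether each `.dmg` carries an accepted signature and flags unsigned images whose names match the ones reported above. The `SPCTL` override and the OK/REVIEW/BLOCK labels are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example (macOS): triage .dmg files before anyone opens them.
# SPCTL is overridable only so the logic can be exercised without macOS.
SPCTL="${SPCTL:-spctl}"

# Disk image names the article says were reported on VirusTotal.
REPORTED_NAMES='Notion-7.0.6.dmg
Photoshop CC 2023.dmg
Tor Browser.dmg'

# "signed" if Gatekeeper accepts the image's own signature, else "unsigned".
dmg_signature() {
  if "$SPCTL" --assess --type open --context context:primary-signature "$1" >/dev/null 2>&1; then
    echo signed
  else
    echo unsigned
  fi
}

# "reported-name" if the base name exactly matches one from the article.
dmg_name_flag() {
  if printf '%s\n' "$REPORTED_NAMES" | grep -Fxq -- "$(basename "$1")"; then
    echo reported-name
  else
    echo other-name
  fi
}

# One tab-separated line per image: verdict, signature, name flag, path.
triage_dmg() {
  sig=$(dmg_signature "$1")
  name=$(dmg_name_flag "$1")
  if [ "$sig" = signed ]; then verdict=OK
  elif [ "$name" = reported-name ]; then verdict=BLOCK
  else verdict=REVIEW
  fi
  printf '%s\t%s\t%s\t%s\n' "$verdict" "$sig" "$name" "$1"
}

# Walk a directory (for example ~/Downloads) and triage every .dmg in it.
triage_dir() {
  find "$1" -type f -name '*.dmg' -print | while IFS= read -r f; do
    triage_dmg "$f"
  done
}

if [ "$#" -gt 0 ]; then triage_dir "$1"; fi
```

An image-level signature is not mandatory on macOS, so REVIEW means check the publisher and download source, not that the file is malicious.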
The CRIL report follows a report released last week by MalwareHunterTeam, which found that a collective known as LockBit is working on ransomware encryptors that attack macOS. As Wired pointed out in its report on LockBit, threat actors are starting to target Macs more frequently in an effort to find new victims.
Apple has protections in place in macOS and the company releases security patches through OS updates, so it’s important to install them as soon as possible. And as always, when you download software, get it from trusted sources, such as the App Store (which performs security checks of its software) or directly from the developer. igamesnews has several guides to help you, including a guide on whether or not you need antivirus software, a list of Mac viruses, malware, and Trojans, and a comparison of Mac security software.