Atomic macOS Stealer Malware Can Steal Keychain Info, Files, Browser Wallets and More

by

While Apple's Macs are less targeted by malware than Windows PCs, concerning Mac malware does pop up regularly. This week, there's new Mac malware out in the wild that Mac users should be aware of.

macos atomic malware demo
Called Atomic macOS Stealer (AMOS), the malware was found on Telegram by Cyble Research. A Telegram user was selling access to the malware, which is designed to steal sensitive information like usernames and passwords.

Whoever designed the Atomic macOS Stealer is working behind the scenes to improve it and add new functionality to make it more effective. In its current incarnation, AMOS is able to access keychain passwords, system information, files from the desktop and documents folder, and the password of the Mac.

It is able to infiltrate browser apps like Chrome and Firefox, extracting autofill information, passwords, cookies, wallets, and credit card information. Cryptowallets like Electrum, Binance, and Atomic are specific targets.

macos atomic malware
AMOS can be purchased with a web panel that makes it easy to manage malware targets, along with tools for brute-forcing private keys. The malware and accompanying services to make it easier to use against victims can be purchased on Telegram for $1,000 per month.

A .dmg file is used to get the malware on a victim's machine, and once installed, it immediately begins accessing sensitive information and sending it to a remote server. A fake system prompt is presented to get access to the system password, and it asks for access to files in the documents and desktop folders.

Because this requires a user to click on a .dmg file to install, Mac users can avoid the malware by not installing any kind of untrusted software from an unverified source. Cyble Research recommends installing software from the Mac App Store, using strong passwords and multi-factor authentication, and using biometric authentication where possible.

Users should also avoid opening links in emails, using caution whenever an app asks for permissions, and keeping devices, operating systems, and apps up to date.

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Production Will Reportedly Begin Ramping Up in October

Tuesday July 23, 2024 2:00 pm PDT by
Following nearly two years of rumors about a fourth-generation iPhone SE, The Information today reported that Apple suppliers are finally planning to begin ramping up mass production of the device in October of this year. If accurate, that timeframe would mean that the next iPhone SE would not be announced alongside the iPhone 16 series in September, as expected. Instead, the report...
Read Full Article68 comments
iPhone 17 Plus Feature

iPhone 17 Lineup Specs Detail Display Upgrade and New High-End Model

Monday July 22, 2024 4:33 am PDT by
Key details about the overall specifications of the iPhone 17 lineup have been shared by the leaker known as "Ice Universe," clarifying several important aspects of next year's devices. Reports in recent months have converged in agreement that Apple will discontinue the "Plus" iPhone model in 2025 while introducing an all-new iPhone 17 "Slim" model as an even more high-end option sitting...
Read Full Article160 comments
Generic iPhone 17 Feature With Full Width Dynamic Island

Kuo: Ultra-Thin iPhone 17 to Feature A19 Chip, Single Rear Camera, Semi-Titanium Frame, and More

Wednesday July 24, 2024 9:06 am PDT by
Apple supply chain analyst Ming-Chi Kuo today shared alleged specifications for a new ultra-thin iPhone 17 model rumored to launch next year. Kuo expects the device to be equipped with a 6.6-inch display with a current-size Dynamic Island, a standard A19 chip rather than an A19 Pro chip, a single rear camera, and an Apple-designed 5G chip. He also expects the device to have a...
Read Full Article162 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Less Than Two Months Away: Everything We Know

Thursday July 25, 2024 5:43 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article130 comments
icloud private relay outage

iCloud Private Relay Experiencing Outage

Thursday July 25, 2024 3:18 pm PDT by
Apple’s iCloud Private Relay service is down for some users, according to Apple’s System Status page. Apple says that the iCloud Private Relay service may be slow or unavailable. The outage started at 2:34 p.m. Eastern Time, but it does not appear to be affecting all iCloud users. Some impacted users are unable to browse the web without turning iCloud Private Relay off, while others are...
Read Full Article80 comments
iPhone 17 Plus Feature Purple

iPhone 17 Rumored to Feature Mechanical Aperture

Tuesday July 23, 2024 9:32 am PDT by
Apple is planning to release at least one iPhone 17 model next year with mechanical aperture, according to a report published today by The Information. The mechanical system would allow users to adjust the size of the iPhone 17's aperture, which refers to the opening of the camera lens through which light enters. All existing iPhone camera lenses have fixed apertures, but some Android...
Read Full Article60 comments

Top Rated Comments

matt_and_187_like_this Avatar
matt_and_187_like_this
16 months ago
Even malware is on a subscription model these days
Score: 112 Votes (Like | Disagree)
AtomicDusk Avatar
AtomicDusk
16 months ago
hey y’all, I just want to hijack this thread and say that I can’t wait for sideloading on iOS because you can put whatever you want on your Mac.
/s
Score: 40 Votes (Like | Disagree)
sw1tcher Avatar
sw1tcher
16 months ago

Sounds like a great reason to only install from the App Store.

It's Apple behind this to prove why it's better to keep the App Store only for iOS and then do the same for the Mac!
Except Apple allows crapware onto their Mac App store too

https://www.macrumors.com/2023/04/25/chatgpt-scam-apps-mac-app-store/

not to mention all the junk on their iOS App store ('https://forums.macrumors.com/threads/psa-watch-out-for-fake-chatgpt-apps-and-other-scams-in-the-mac-app-store.2387808/page-2?post=32124285#post-32124285')
Score: 31 Votes (Like | Disagree)
LV426 Avatar
LV426
16 months ago
Next time macOS goes a bit loopy (literally) after an update and keeps asking you to re-enter your Apple ID password, you'd be justified in worrying that something like this is having a go at you.
Score: 20 Votes (Like | Disagree)
Rychiar Avatar
Rychiar
16 months ago

I only rely on Apple’s own Apple App Store on Mac. ?
I can’t think of anything i’ve ever gotten from the App Store. Even adobe isn’t on the App Store. Nor are things like VLC, superduper, emulators, bit torrent clients. Pretty much anything that makes a Mac Better than an iPad
Score: 18 Votes (Like | Disagree)
natnorth Avatar
natnorth
16 months ago
Looking at that browser list... you can see why Chrome and pretty much all "competing" browsers based on chrome isn't great for web competition. Firefox is the only one of two on there that doesn't hand over passwords
Score: 17 Votes (Like | Disagree)
Read All Comments