Compared to Windows, macOS is considered to be more robust and secure against malware and virus. However, that doesn’t stop hackers and bad actors from targeting Apple’s operating system for Mac devices. According to a report by Cyble Research and Intelligence Labs (CRIL), a Telegram channel has been advertising a new information-stealing malware called Atomic macOS Stealer (AMOS). As per the report, the malware can steal sensitive information — passwords, bank details — from the victim’s machine.
How does Atomic macOS Stealer work?
CRIL report notes that the “Atomic macOS Stealer can steal various types of information from the victim’s machine, including keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password.”
Since all these details are extremely critical, the malware can prove really dangerous. The malware has the ability to target multiple browsers, which means that data in Safari, Chrome or Edge is at risk. Users have the feature to auto-fill passwords, credit card information among other sensitive information in their browsers.
Furthermore, the malware has also been designed to target cryptowallets such as Electrum, Binance, Exodus, Atomic, and Coinomi.
A.dmg file — commonly used — is sent across to the target’s machine and plants the malware. If a user ends up installing the dmg file on macOS, then the malware has access to confidential information, which it then sends to a remote server.
How does Telegram come into the picture?
According to the report, the malware “also provides additional services such as a web panel for managing victims, meta mask brute-forcing for stealing seed and private keys, crypto checker, and dmg installer, after which it shares the logs via Telegram.” All these services are then offered at a price of $1,000 per month.
Users need to be careful and download apps only from the official App Store. It also helps to have two-factor authentication enabled in various apps and services.
How does Atomic macOS Stealer work?
CRIL report notes that the “Atomic macOS Stealer can steal various types of information from the victim’s machine, including keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password.”
Since all these details are extremely critical, the malware can prove really dangerous. The malware has the ability to target multiple browsers, which means that data in Safari, Chrome or Edge is at risk. Users have the feature to auto-fill passwords, credit card information among other sensitive information in their browsers.
Furthermore, the malware has also been designed to target cryptowallets such as Electrum, Binance, Exodus, Atomic, and Coinomi.
A.dmg file — commonly used — is sent across to the target’s machine and plants the malware. If a user ends up installing the dmg file on macOS, then the malware has access to confidential information, which it then sends to a remote server.
How does Telegram come into the picture?
According to the report, the malware “also provides additional services such as a web panel for managing victims, meta mask brute-forcing for stealing seed and private keys, crypto checker, and dmg installer, after which it shares the logs via Telegram.” All these services are then offered at a price of $1,000 per month.
Users need to be careful and download apps only from the official App Store. It also helps to have two-factor authentication enabled in various apps and services.
window.TimesApps = window.TimesApps || {}; var TimesApps = window.TimesApps; TimesApps.toiPlusEvents = function(config) { var isConfigAvailable = "toiplus_site_settings" in f && "isFBCampaignActive" in f.toiplus_site_settings && "isGoogleCampaignActive" in f.toiplus_site_settings; var isPrimeUser = window.isPrime; if (isConfigAvailable && !isPrimeUser) { loadGtagEvents(f.toiplus_site_settings.isGoogleCampaignActive); loadFBEvents(f.toiplus_site_settings.isFBCampaignActive); } else { var JarvisUrl="https://jarvis.indiatimes.com/v1/feeds/toi_plus/site_settings/643526e21443833f0c454615?db_env=published"; window.getFromClient(JarvisUrl, function(config){ if (config) { loadGtagEvents(config?.isGoogleCampaignActive); loadFBEvents(config?.isFBCampaignActive); } }) } }; })( window, document, 'script', );
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
