Hackers selling new malware on Telegram that targets macOS users


San Francisco, May 1 (IANS): Threat actors are selling a new malware called -- Atomic macOS Stealer (AMOS) on the Telegram channel to target macOS platforms, which is capable of extracting autofill information, passwords, wallets, and more.

According to Cyble Research and Intelligence Labs (CRIL), the Atomic macOS Stealer malware is specifically designed to target macOS and can steal sensitive information from the victim's machine.

The researchers have recently discovered a Telegram channel advertising this new information-stealing malware.

Moreover, the report said that the hacker behind this stealer is constantly improving this malware and adding new capabilities to make it more effective.

The malware's most recent update was seen in a Telegram post on April 25, highlighting its latest features.

According to the report, the Atomic macOS Stealer can steal various types of information from the victim's machine, including keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password.

In addition, the malware is designed to target multiple browsers and can extract auto-fills, passwords, cookies, wallets, and credit card information. Specifically, AMOS can target cryptowallets such as Electrum, Binance, Exodus, Atomic, and Coinomi.

The threat actor also offers additional services such as a web panel for managing victims, meta mask brute-forcing to steal seed and private keys, a crypto checker, and a dmg installer, after which the logs are shared via Telegram.

These services are available for $1,000 per month.

However, the report mentioned that macOS users can protect their systems from AMOS malware by installing a .dmg file on their machines.

After installing, users will need to authenticate the installation with a user password with a fake system dialog box following installation.

Once installed, it will scan for sensitive information, which it will steal with the system password if necessary, and send to a remote server.

 

  

Top Stories


Leave a Comment

Title: Hackers selling new malware on Telegram that targets macOS users



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.