New Atomic macOS info-stealing malware targets 50 crypto wallets
A new macOS information-stealing malware named 'Atomic' is being sold to cybercriminals via private Telegram channels for a subscription of $1,000 per month.
For this hefty price, buyers get a DMG file containing a 64-bit Go-based malware designed to target macOS systems and steal keychain passwords, files from the local filesystem, passwords, cookies, and credit cards stored in browsers.
The malware also attempts to steal data from over 50 cryptocurrency extensions, which have become a popular target for information-stealing malware.
Upon executing the malicious DMG file, the malware displays a fake password prompt to obtain the system password, allowing the attacker to gain elevated privileges on the victim's machine.
The malware must request permission to access the files it targets on the local filesystem, which gives victims an opportunity to notice the malicious activity.
When stealing data, the malware will pack it all into a ZIP file and then send it to the threat actor's command and control server, which Cyble says is located at "Amos-malware[.]ru/sendlog."
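The exfiltration step above leaves a network trace defenders can hunt for. The following is an added example, not code from Cyble or the original article: it refangs the published indicator and labels web-proxy log lines that contact that host or POST a ZIP to a similarly named endpoint. The log format, the sample lines and the "suspect-upload" heuristic are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Indicator exactly as published on this page (defanged).
C2_DEFANGED = "Amos-malware[.]ru/sendlog"

def refang(indicator):
    """Turn 'host[.]tld/path' into a lowercase (host, path) pair."""
    clean = indicator.replace("[.]", ".")
    parts = urlsplit(clean if "://" in clean else "http://" + clean)
    return parts.hostname, parts.path.rstrip("/").lower()

def classify(line, c2_host, c2_path):
    """Label one line: timestamp src_ip method url status bytes content_type (assumed format)."""
    fields = line.split()
    if len(fields) != 7:
        return None  # malformed line: skip rather than guess
    _, _, method, url, _, _, ctype = fields
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
    path = parts.path.rstrip("/").lower()
    on_c2 = host == c2_host or host.endswith("." + c2_host)
    if on_c2 and method == "POST" and path == c2_path:
        return "c2-upload"
    if on_c2:
        return "c2-contact"
    # Heuristic (assumption, not from the page): ZIP POSTed to a /sendlog path elsewhere.
    if method == "POST" and path.endswith(c2_path) and "zip" in ctype.lower():
        return "suspect-upload"
    return None

def scan(lines, indicator=C2_DEFANGED):
    """Return (verdict, source_ip) for every line that matches."""
    host, path = refang(indicator)
    verdicts = ((classify(line, host, path), line) for line in lines)
    return [(v, line.split()[1]) for v, line in verdicts if v]

def sample_log():
    """Constructed log lines, not real traffic; IPs are documentation ranges."""
    host, path = refang(C2_DEFANGED)
    return [
        f"2023-04-27T10:01:02Z 192.0.2.10 POST http://{host.upper()}{path} 200 48211 application/zip",
        f"2023-04-27T10:01:05Z 192.0.2.11 GET http://www.{host}/ 200 0 -",
        "2023-04-27T10:02:00Z 192.0.2.12 POST https://files.example.net/api/sendlog 200 9000 application/zip",
        "2023-04-27T10:03:00Z 192.0.2.13 GET https://example.com/index.html 200 312 text/html",
        "truncated line",
    ]

if __name__ == "__main__":
    print(scan(sample_log()))
```

A "c2-upload" or "c2-contact" hit points at a host that reached the published server; "suspect-upload" is only a lead for triage, since the endpoint name alone is weak evidence.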