New Atomic macOS info-stealing malware targets 50 crypto wallets (Security News, April 2023)
A new macOS information-stealing malware named 'Atomic' is being sold to cybercriminals via private Telegram channels for a subscription of $1,000 per month.
For this hefty price, buyers get a DMG file containing a 64-bit Go-based malware designed to target macOS systems and steal keychain passwords, files from the local filesystem, passwords, cookies, and credit cards stored in browsers.
The malware also attempts to steal data from over 50 cryptocurrency extensions, which have become a popular target for information-stealing malware.
When the malicious DMG file is executed, the malware displays a fake password prompt to obtain the system password, allowing the attacker to gain elevated privileges on the victim's machine.
To access the files it targets, the malware must request permission, which gives victims an opportunity to notice the malicious activity.
When stealing data, the malware will pack it all into a ZIP file and then send it to the threat actor's command and control server, which Cyble says is located at "Amos-malware[.]ru/sendlog."
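As an added example (not from the article or from Cyble's report), here is a proxy-log check for the exfiltration endpoint named above. The six-field log format, timestamps and client addresses are constructed for illustration, and the indicator is kept defanged in the source text and refanged only in memory.

```python
from urllib.parse import urlsplit

# Indicator as quoted in the article (defanged); path is the reported upload endpoint.
C2_HOST_DEFANGED = "Amos-malware[.]ru"
C2_PATH = "/sendlog"

def refang(text: str) -> str:
    """Turn a defanged indicator back into a comparable string."""
    return text.replace("[.]", ".")

def is_c2_host(host: str, c2_host: str) -> bool:
    """Match the C2 domain or a subdomain of it, but not look-alike suffixes."""
    host = host.lower().rstrip(".")  # DNS names are case-insensitive
    return host == c2_host or host.endswith("." + c2_host)

def find_exfil(log_lines):
    """Return (timestamp, client, verdict) for each request to the C2 host."""
    c2_host = refang(C2_HOST_DEFANGED).lower()
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) != 6:
            continue  # skip malformed lines
        ts, client, method, url, _status, _bytes_sent = fields
        parts = urlsplit(url)
        if not parts.hostname or not is_c2_host(parts.hostname, c2_host):
            continue
        # A POST to the reported path is the ZIP upload; anything else is contact only.
        upload = method == "POST" and parts.path.rstrip("/") == C2_PATH
        hits.append((ts, client, "exfil-upload" if upload else "c2-contact"))
    return hits

# Constructed sample lines. Assumed format: time client method url status bytes_sent
SAMPLE_LOG = [refang(line) for line in [
    "2023-04-27T10:01:12Z 10.0.0.5 POST http://amos-malware[.]ru/sendlog 200 482113",
    "2023-04-27T10:01:40Z 10.0.0.9 GET http://Amos-Malware[.]ru:80/ 200 0",
    "2023-04-27T10:02:03Z 10.0.0.7 POST http://notamos-malware[.]ru/sendlog 200 1024",
    "2023-04-27T10:02:30Z 10.0.0.8 POST https://example[.]com/sendlog 200 2048",
]]

if __name__ == "__main__":
    for hit in find_exfil(SAMPLE_LOG):
        print(*hit)
```

The third sample line shows why the host comparison requires an exact match or a leading dot: a plain suffix test would also flag unrelated domains that merely end in the same string.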