New Atomic macOS info-stealing malware targets 50 crypto wallets

A new macOS information-stealing malware named 'Atomic' is being sold to cybercriminals via private Telegram channels for a subscription of $1,000 per month.
For this hefty price, buyers get a DMG file containing a 64-bit Go-based malware designed to target macOS systems and steal keychain passwords, files from the local filesystem, passwords, cookies, and credit cards stored in browsers.
The malware also attempts to steal data from over 50 cryptocurrency extensions, which have become a popular target for information-stealing malware.
Upon executing the malicious DMG file, the malware displays a fake password prompt to obtain the system password, allowing the attacker to gain elevated privileges on the victim's machine.
The malware must request permission to access these files, which gives victims an opportunity to notice the malicious activity.
When stealing data, the malware will pack it all into a ZIP file and then send it to the threat actor's command and control server, which Cyble says is located at "Amos-malware[.]ru/sendlog."