New Atomic macOS info-stealing malware targets 50 crypto wallets

Security News, April 2023

A new macOS information-stealing malware named 'Atomic' is being sold to cybercriminals via private Telegram channels for a subscription of $1,000 per month.
For this hefty price, buyers get a DMG file containing a 64-bit Go-based malware designed to target macOS systems and steal keychain passwords, files from the local filesystem, and passwords, cookies, and credit cards stored in browsers.
The malware also attempts to steal data from over 50 cryptocurrency extensions, which have become a popular target for information-stealing malware.
Upon executing the malicious DMG file, the malware displays a fake password prompt to obtain the system password, allowing the attacker to gain elevated privileges on the victim's machine.
The malware must request permission to access files on the local filesystem, which gives victims an opportunity to notice the malicious activity.
When stealing data, the malware will pack it all into a ZIP file and then send it to the threat actor's command and control server, which Cyble says is located at "Amos-malware[.]ru/sendlog."
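The reported upload endpoint can be turned into a check over web-proxy logs. The Python below is an added example, not code from Cyble or from the article summarized here; the log layout (timestamp, client, method, URL, status, bytes sent) and the sample lines are constructed assumptions.

```python
from urllib.parse import urlsplit

# Indicator exactly as published on this page (defanged).
DEFANGED_C2 = "Amos-malware[.]ru/sendlog"

def refang(indicator):
    """Turn a defanged 'host[.]tld/path' indicator into (host, path)."""
    clean = indicator.replace("[.]", ".")
    if "://" not in clean:
        clean = "http://" + clean
    parts = urlsplit(clean)
    return parts.hostname.rstrip("."), parts.path or "/"

def classify(url, method, c2_host, c2_path):
    """Return 'exfil', 'contact' or None for one proxied request."""
    try:
        parts = urlsplit(url)
    except ValueError:          # unparsable URL in the log
        return None
    # hostname is already lower-cased and port-free; drop a trailing dot.
    host = (parts.hostname or "").rstrip(".")
    # Exact host or a true subdomain only, so look-alike suffixes do not match.
    if host != c2_host and not host.endswith("." + c2_host):
        return None
    same_path = parts.path.rstrip("/").lower() == c2_path.lower()
    if method.upper() == "POST" and same_path:
        return "exfil"          # matches the ZIP upload described above
    return "contact"            # any other traffic to the same host

def scan(lines, indicator=DEFANGED_C2):
    """Return (timestamp, client, verdict, bytes_sent) for each hit."""
    c2_host, c2_path = refang(indicator)
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 6:     # skip malformed records
            continue
        ts, client, method, url, _status, sent = fields[:6]
        verdict = classify(url, method, c2_host, c2_path)
        if verdict:
            hits.append((ts, client, verdict, int(sent) if sent.isdigit() else 0))
    return hits

# Constructed sample log lines (not real telemetry).
SAMPLE_LOG = [
    "2023-04-27T10:01:02Z 10.0.0.5 GET https://example.com/index.html 200 512",
    "2023-04-27T10:02:10Z 10.0.0.7 POST http://AMOS-MALWARE.ru:80/sendlog 200 4812345",
    "2023-04-27T10:02:11Z 10.0.0.7 GET http://amos-malware.ru./ 200 0",
    "2023-04-27T10:03:00Z 10.0.0.9 POST http://notamos-malware.ru.example.net/sendlog 200 100",
    "malformed line",
]
```

An `exfil` hit with a large byte count from a Mac is the case to triage first; a `contact` hit still indicates the host reached the reported server.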