New malware targeting macOS users is being sold on Telegram
A new macOS malware being sold on Telegram is capable of extracting autofill information, passwords, wallets, and more -- but it's easy to avoid. Here's how.
Malware illustration
While Mac users don't often need to worry about malware as much as Windows users do, there are still malicious actors who target macOS. First spotted by Cyble Research, the Atomic macOS Stealer (AMOS) is a highly effective program designed to extract a wide range of information from a victim's computer.
Data that can be stolen by AMOS includes passwords saved in the Keychain, system details, files from the desktop and documents folder, and even the macOS user password.
It is specifically tailored to target popular browsers like Firefox and Chrome. From browsers, it can effortlessly extract autofills, passwords, cookies, wallets, and credit card information.
Furthermore, it can target some of the most popular cryptowallets, such as Electrum, Binance, Exodus, Atomic, and Coinomi.
There is a web panel that comes with AMOS, which makes it simple to handle malware targets, in addition to tools for brute-forcing private keys. AMOS is currently being sold on Telegram for a monthly fee of $1,000.
So, as usual, common sense applies. Mac users can avoid AMOS by installing software from the Mac App Store, and avoiding installing files from unverified sources including links sent via email from questionable or unverifiable sources.
Read on AppleInsider
Malware illustration
While Mac users don't often need to worry about malware as much as Windows users do, there are still malicious actors who target macOS. First spotted by Cyble Research, the Atomic macOS Stealer (AMOS) is a highly effective program designed to extract a wide range of information from a victim's computer.
Data that can be stolen by AMOS includes passwords saved in the Keychain, system details, files from the desktop and documents folder, and even the macOS user password.
It is specifically tailored to target popular browsers like Firefox and Chrome. From browsers, it can effortlessly extract autofills, passwords, cookies, wallets, and credit card information.
Furthermore, it can target some of the most popular cryptowallets, such as Electrum, Binance, Exodus, Atomic, and Coinomi.
There is a web panel that comes with AMOS, which makes it simple to handle malware targets, in addition to tools for brute-forcing private keys. AMOS is currently being sold on Telegram for a monthly fee of $1,000.
How to protect yourself from AMOS
The malware requires users to install a .dmg file on their machines, and authenticate the installation with a user password with a fake system dialog box following installation. Once installed, it scans for sensitive information, which it purloins with the system password if it needs to, and sends it to a remote server.So, as usual, common sense applies. Mac users can avoid AMOS by installing software from the Mac App Store, and avoiding installing files from unverified sources including links sent via email from questionable or unverifiable sources.
Read on AppleInsider
Comments
Just stay away from illegal software as the malware an piggyback. And if for some reason a DMG is unsigned, treat it with the highest suspicioun.
- New apps and processes have popped up out of nowhere. In such a case, it’s best to remove them
- Whenever you open your browser, you are driven to some other browser. Quite possibly, your Mac is under attack
- Your browser is bombarded with ads and pop-ups
- The various files are locked on your Mac. The malware has probably affected your files
- Sudden Mac freezes or dip in performance has become common
You must have a best anti malware for your mac like bitdefender, intego etc.