
The Cyber Security News


New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets

April 28, 2023

Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer (or AMOS) on Telegram for $1,000 per month, joining the likes of MacStealer.

“The Atomic macOS Stealer can steal several varieties of information from the victim’s equipment, like Keychain passwords, total method info, data files from the desktop and paperwork folder, and even the macOS password,” Cyble researchers said in a technical report.

Its other features include the ability to extract data from web browsers and cryptocurrency wallets like Atomic, Binance, Coinomi, Electrum, and Exodus. Threat actors who buy the stealer from its developers are also provided with a ready-to-use web panel for managing victims.


The malware takes the form of an unsigned disk image file (Setup.dmg) that, when executed, urges the victim to enter their system password on a bogus prompt so that it can escalate privileges and carry out its malicious activities, a technique also adopted by MacStealer.

The initial intrusion vector used to deliver the malware is not immediately clear, though it is possible that users are manipulated into downloading and executing it under the guise of legitimate software.

The Atomic stealer artifact, submitted to VirusTotal on April 24, 2023, also bears the name “Idea-7..6.dmg,” suggesting that it is being propagated as the popular note-taking application. Other samples unearthed by the MalwareHunterTeam are distributed as “Photoshop CC 2023.dmg” and “Tor Browser.dmg.”

“Malware such as the Atomic macOS Stealer could be installed by exploiting vulnerabilities or hosting on phishing internet sites,” Cyble noted.

Atomic then proceeds to harvest system metadata, files, iCloud Keychain, as well as information stored in web browsers (e.g., passwords, autofill, cookies, credit card data) and crypto wallet extensions, all of which are compressed into a ZIP archive and sent to a remote server. The ZIP file of the compiled information is then sent to pre-configured Telegram channels.

The development is another sign that macOS is increasingly becoming a lucrative target for stealer malware, beyond nation-state hacking groups. That makes it essential that users only download and install software from trusted sources, enable two-factor authentication, review app permissions, and refrain from opening suspicious links received via emails or SMS messages.


Some parts of this article are sourced from:
thehackernews.com
