Cybersecurity company Cyble Research recently found hackers on Telegram peddling malware for macOS called Atomic macOS Stealer (AMOS).
The company says the malware developers are still refining its capabilities and increasing its destructive power. The current version of AMOS accesses keychain passwords, system information, files in the Desktop and Documents folders, and passwords for the Mac.
AMOS can also infiltrate browser applications such as Chrome and Firefox to extract autofill information, passwords, cookies, wallet and credit card information, and search encrypted wallets such as Electrum, Binance and Atomic to facilitate the theft of related information and property.
AMOS is sold with a web panel and costs $1,000 per month (currently about RMB 6,930). This means attackers can quickly get started and launch attacks on macOS users.
The malware spreads via .dmg files, and once a device is infected it immediately starts accessing sensitive information and sending it to a remote server. The malware displays fake system prompts to obtain the system password and asks for access to files in the Documents and Desktop folders.
Because infection requires the user to click on a .dmg file and install it, Mac users can avoid the malware by not installing untrusted software from unverified sources. Cyble Research recommends installing software from the Mac App Store, using strong passwords and multi-factor authentication, and using biometric authentication whenever possible.