Atomic Macos Stealer

Malware Profile Updated 25 days ago
Atomic macOS Stealer (AMOS), a powerful new malware, was launched in early 2023 and has quickly become a significant threat to Apple users. In April of the same year, Cyble Research and Intelligence Labs (CRIL) discovered a Telegram channel advertising this information-stealing malware. AMOS can steal a variety of information from infected machines, including Keychain passwords, complete system information, files from the Desktop and Documents folders, and even the macOS password. It is sold as a service to malicious parties, which increases its potential for widespread use and damage.

AMOS is primarily distributed through fake browser updates targeting Mac systems. Depending on the victim's operating system, these deceptive files deliver either the Atomic macOS Stealer for Intel- or ARM-based devices, Rhadamanthys, or RisePro. The software has been dubbed "Doug: Atomic macOS Stealer" and is being actively promoted and sold on Telegram for $1,000 per month. From the time of its discovery until December 31, 2023, a subscription to the Atomic macOS Stealer was available for only $2,000.

Given the significant threat posed by AMOS, individuals and organizations should take steps to protect against it. Avoid suspicious downloads, emails, and websites that could be carrying the malware, and be wary of fake browser updates, which are a common delivery method for this type of malware. Regularly updating security software and maintaining good cybersecurity hygiene can help mitigate the risk of infection.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| ID | Votes | Profile Description |
| --- | --- | --- |
| Amos | 2 | AMOS is a malicious software (malware) that has been specifically designed to target Mac systems, both Intel-based and ARM-based. It is capable of stealing passwords, personal files, and information from crypto wallets, posing a significant threat to user security. AMOS was first identified as part |
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Macos
Malware
Telegram
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
| ID | Type | Votes | Profile Description |
| --- | --- | --- | --- |
| Atomic Macos Stealer (Amos | Unspecified | 2 | None |
Source Document References
Information about the Atomic Macos Stealer Malware was read from the documents corpus below. This display is limited to 20 results.
| Source | CreatedAt | Title |
| --- | --- | --- |
| CERT-EU | 9 months ago | Links 08/09/2023: Release of Francis 1.0, EnterpriseDB Chooses GNU General Public License v3 for Component |
| Naked Security | a year ago | Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram |
| CERT-EU | 5 months ago | Atomic Stealer rings in the new year with updated version \| Malwarebytes |
| CERT-EU | a year ago | This New macOS Info-stealer in Town is Targeting Crypto Wallets \| IT Security News |
| CERT-EU | a year ago | Cyber security week in review: April 28, 2023 |
| Naked Security | a year ago | S3 Ep133: Apple takes “tight-lipped” to a whole new level |
| CERT-EU | 9 months ago | Mac users hit by Atomic Stealer malware via malicious Google Search ads - 9to5Mac |
| Securityaffairs | a year ago | Atomic macOS Stealer is advertised on Telegram for $K per month |
| CERT-EU | a year ago | PSA: 'Atomic macOS Stealer' malware can compromise iCloud Keychain passwords, credit cards, crypto wallets |
| Securityaffairs | 6 months ago | ClearFake campaign spreads macOS AMOS information stealer |
| CERT-EU | 6 months ago | PSA: Watch out for these fake Safari and Chrome updates infecting Macs with AMOS - 9to5Mac |
| CERT-EU | a year ago | New Information Stealer ‘Mystic Stealer’ Rising to Fame |
| CERT-EU | a year ago | Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram \| IT Security News |
| DARKReading | a month ago | Web3 Game Developers Targeted in Crypto Theft Scheme |
| CERT-EU | a year ago | ShadowVault macOS Stealer surfaces as the newest sophisticated Mac malware |
| Securityaffairs | 9 months ago | A malvertising campaign is delivering a new version of macOS Atomic Stealer |
| CERT-EU | 9 months ago | ‘Atomic macOS Stealer’ Malware Delivered via Malvertising Campaign |
| CERT-EU | a year ago | Just for $1000 per month hack macOS computers with this undetectable malware |
| CERT-EU | 10 months ago | New hVNC macOS Malware Advertised on Hacker Forum |