Atomic Macos Stealer

Malware updated 23 days ago (2024-11-29T13:38:30.176Z)
Download STIX
Preview STIX
The Atomic macOS Stealer (AMOS) is a powerful new malware that emerged in early 2023, targeting Apple users. It was discovered by Cyble Research and Intelligence Labs (CRIL) in April of the same year when it was advertised for sale on Telegram. AMOS can steal various types of information from infected machines, including Keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password. This malware has since become a growing threat to macOS users. AMOS was part of an extensive campaign aimed at cryptocurrency theft and was delivered alongside other infostealers such as Rhadamanthys and Stealc in cross-platform attacks. These infostealers were hidden in fake browser updates or disguised as legitimate software, targeting both Intel- and ARM-based devices depending on the victim's operating system. The use of these deceptive tactics made it more difficult for users to recognize and avoid the threat. From its discovery until December 31, 2023, a subscription to the Atomic macOS Stealer was sold for $2000, making it accessible to malicious parties seeking to exploit macOS users. Despite its high cost, the malware was popular due to its effectiveness and the potential financial gain for those using it for illicit purposes. As such, AMOS represents a significant cybersecurity threat that requires ongoing vigilance and robust protective measures.
Description last updated: 2024-06-18T16:16:06.112Z
What's your take? (Question 1 of 4)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Amos is a possible alias for Atomic Macos Stealer. AMOS is a malicious software (malware) specifically designed to target macOS systems. First identified in early 2023, it has been associated with campaigns such as the ClearFake campaign, which spread the AMOS information stealer across macOS devices. This malware is particularly dangerous due to it
3
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Macos
Malware
Telegram
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Vulnerabilities
To see the evidence that has resulted in these vulnerability associations, create a free account
Alias DescriptionAssociation TypeVotes
The vulnerability Atomic Macos Stealer (Amos is associated with Atomic Macos Stealer. Unspecified
2
Source Document References
Information about the Atomic Macos Stealer Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Malwarebytes
a year ago
InfoSecurity-magazine
6 months ago
DARKReading
8 months ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
2 years ago
CERT-EU
2 years ago
Naked Security
2 years ago
Securityaffairs
a year ago
CERT-EU
2 years ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
2 years ago
Securityaffairs
2 years ago
CERT-EU
2 years ago
Naked Security
2 years ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
2 years ago