Atomic Macos Stealer Amos

Malware updated 4 days ago (2024-11-29T13:56:01.533Z)
Download STIX
Preview STIX
In April 2023, Cyble Research and Intelligence Labs (CRIL) discovered a new malware named Atomic macOS Stealer (AMOS) being advertised for sale on a Telegram channel. The malware was found to be part of a larger operation involving several other variants such as Vidar, Lumma, and Octo. These threat actors utilized a GitHub profile to impersonate legitimate software applications including 1Password, Bartender 5, and Pixelmator Pro to distribute various types of malware, including AMOS. During the investigation, twelve websites were identified that falsely advertised downloads of legitimate macOS applications but instead directed victims to the deceptive GitHub profile to distribute AMOS. The Atomic macOS Stealer (AMOS) is designed to exploit and damage computer systems, primarily by stealing personal information. Once downloaded and installed, it can disrupt operations, steal sensitive data, or even hold data hostage for ransom. It was found to be bundled with Vortax, a purported virtual meeting software, which also delivered two other potent information stealers—Rhadamanthys and Stealc. The campaign demonstrated how attackers exploit trusted internet services to carry out cyberattacks that compromise personal information. Protection against AMOS involves vigilance in downloading software from trusted sources only and maintaining up-to-date security measures. Users are advised to avoid suspicious downloads, emails, or websites that could potentially harbor such malware. Regular system updates, use of reliable antivirus software, and avoiding unverified software downloads can significantly reduce the risk of infection. The discovery of AMOS underscores the importance of ongoing cybersecurity efforts to identify and neutralize such threats before they can cause significant harm.
Description last updated: 2024-07-09T13:16:43.929Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
1password
Telegram
Macos
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Vidar Malware is associated with Atomic Macos Stealer Amos. Vidar is a malicious software (malware) that primarily targets Windows systems, written in C++ and based on the Arkei stealer. It has historically been favored by threat actors who sell logs through marketplaces like 2easy, alongside other infostealers such as Raccoon, RedLine, and AZORult. The malwUnspecified
2
Associated Vulnerabilities
To see the evidence that has resulted in these vulnerability associations, create a free account
Alias DescriptionAssociation TypeVotes
The vulnerability Atomic Macos Stealer (Amos is associated with Atomic Macos Stealer Amos. Unspecified
4
Source Document References
Information about the Atomic Macos Stealer Amos Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Recorded Future
5 months ago
Recorded Future
5 months ago
Recorded Future
6 months ago
Securityaffairs
6 months ago
Recorded Future
7 months ago
InfoSecurity-magazine
7 months ago
CERT-EU
a year ago
Securityaffairs
a year ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
a year ago
CERT-EU
2 years ago
Securityaffairs
2 years ago
CERT-EU
2 years ago