Atomic Stealer Amos

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
Atomic Stealer (AMOS) is a software vulnerability specifically designed to target macOS devices. This flaw in software design or implementation was discovered and documented by Malwarebytes Labs researchers last year. Cybercriminals have been exploiting this vulnerability to gain unauthorized access to Mac users' systems, using methods such as malvertising and compromised websites. In September 2023, Malwarebytes identified a malicious campaign spreading AMOS malware to Mac users via deceptive ads. The same domain used for this campaign also revealed an open directory showing the location of both Windows and Mac payloads, with the latter being the Atomic Stealer (AMOS). Another method of distribution involved a fake browser update campaign known as 'ClearFake', which expanded its targets to include macOS devices, further spreading the AMOS malware. More recently, a new campaign has been observed that pushes malware to both Windows and Mac systems. The Mac version is an updated variant of the increasingly popular Atomic Stealer (AMOS). These continuous and evolving threats highlight the critical need for robust cybersecurity measures, including regular software updates and user education on potential phishing tactics.
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Windows
Macos
Payload
Malvertising
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
FakebatUnspecified
1
FakeBat is a notable malware variant that has been increasingly involved in malvertising campaigns since at least November 2022, as per an early 2023 Intel471 report. This malicious software exploits and damages computers or devices by infiltrating systems through suspicious downloads, emails, or we
ClearfakeUnspecified
1
ClearFake is a malware that has been identified as a significant threat to macOS systems. The malicious software, typically delivered through suspicious downloads, emails, or websites, infiltrates the user's system without their knowledge and can steal personal information, disrupt operations, or ho
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Atomic Stealer Amos Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
5 months ago
Atomic Stealer rings in the new year with updated version - Cyber Security Review
Malwarebytes
9 months ago
Mac users targeted in new malvertising campaign delivering Atomic Stealer
CERT-EU
5 months ago
Atomic Stealer rings in the new year with updated version | Malwarebytes
CERT-EU
7 months ago
Atomic Stealer malware strikes macOS via fake browser updates
CERT-EU
7 months ago
Mac Systems Under Threat: ClearFake Campaign Deploys Atomic Stealer Malware
Malwarebytes
4 months ago
State of Malware 2024: What consumers need to know | Malwarebytes