Jump to content
  • New macOS KeyChain Password Stealing Malware Sold on Telegram

    aum

    • 480 views
    • 2 minutes
     Share


    • 480 views
    • 2 minutes

    The malware, which was being sold on Telegram for $1,000 per month, is able to gain access to keychain passwords, system information, and files from the desktop and documents folder on a Mac.

     

    A new macOS malware that can steal sensitive data such as passwords and files was advertised on a Telegram channel for $1,000 per month, MacRumors reports.

     

    Found on Telegram by the cybersecurity intelligence group Cyble Research, the Atomic macOS Stealer (AMOS) is specifically designed to target macOS and steal sensitive information from a Mac.

     

    As Macrumors notes, the malware, which was being sold on the encrypted messaging app for $1,000 per month, is able to gain access to keychain passwords, system information, files from the desktop and documents folder, and a Mac’s password.

     

    AMOS can additionally hack into Chrome and Firefox apps, and steal autofill information such as passwords, wallets, and credit card information.  

    The malware can be bought together with a panel feature that is designed to help manage malware targets. It also comes with tools for brute-forcing private keys.

     

    According to Macrumors, the malware designer has been busy adding new improvements and functionalities to it, with the most recent update being on April 25.

     

    Abbreviated to AMOS, the malware requires a user to click on a .dmg file in order to begin installing. Once installed, it immediately starts accessing passwords, autofill information, and other sensitive data, and transferring it to a remote server. In order to attain access to the system password, AMOS triggers a fake system prompt.

     

    AMOS is also known to target crypto wallets such as Electrum, Binance, Exodus, Atomic, and Coinomi.

     

    Cyble Research advises users to avoid installing software outside the Mac App Store, and to use strong passwords and multi-factor as well as biometric authentication on their Macs.

     

    Cyble also advises users to avoid opening links in emails, to be cautious whenever an app asks for permissions, and to ensure that apps, operating systems, and devices are all up to date with the latest security updates.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...