Hackers Selling macOS Device Malware on Telegram

Listen to the Podcast:

A report from Cyble Research and Intelligence Labs (CRIL) says that hackers are selling software that can hack Apple macOS users on the Telegram messaging service. Atomic macOS Stealer (AMOS) is the name of the bad software, which is made to attack Mac users.

Worrying is that the hackers who make this malware are always making it better and adding new features to it. The most recent update of the malware, according to the story, was seen in a Telegram post on April 25.

It says that the Atomic macOS Stealer can steal different kinds of information from the victim’s computer, such as keychain passwords, full system information, files from the desktop and documents folder, and even the macOS password.

“The thief program is designed to target a number of different websites, and it is capable of stealing auto-fill information, passwords, cookies, wallets, and credit card details.
AMOS can specifically target cryptocurrency wallets like Electrum, Binance, Exodus, Atomic, and Coinomi,” it says.

The report says that the threat actor also offers other services through Telegram, such as a web panel for monitoring victims, meta mask brute-force for stealing seed and private keys, a crypto checker, and a dmg installer. A price of $1000 per month is asked for these services.

According to the CRIL report, Apple Mac users should load a.dmg file to protect their laptops and computers from AMOS malware. With a fake system dialog box after download, users can confirm the installation with a user password. When the file is installed, it will look for private information. If it finds any, it will steal it with the system password and send it to a remote server.