Atomic macOS Stealer leads sensitive data theft on macOS
Sept. 9, 2024, 11:21 a.m.
Tags
External References
Description
The report discusses the Atomic macOS Stealer (AMOS), an infostealer malware targeting macOS systems. It is designed to steal sensitive information like passwords, cookies, cryptocurrency wallets, and other data from infected machines. The malware is distributed through malvertising, SEO poisoning, and social media campaigns disguised as legitimate applications. AMOS has evolved with obfuscated code, Python droppers, and potential future iOS targeting capabilities. The report provides insights into AMOS's distribution methods, command and control infrastructure, and evolving capabilities, emphasizing the importance of exercising caution when installing software and enabling appropriate security measures.
Date
Published: Sept. 9, 2024, 11:16 a.m.
Created: Sept. 9, 2024, 11:16 a.m.
Modified: Sept. 9, 2024, 11:21 a.m.
Indicators
d23491dd351f43f0efad5cee2be80c4049349a7695c0e7de1de632c791356183
c43e506c9b964dddf6fd784bf0cc78b4a2396f47257361dc22e1070e249eae16
bda2503fc02b11258399cfabd0778a997654b5bd7d30e5e3f5bef54a74b914e1
b351e3f475681ab2e8db5b2bbd2beaf26e5b4fd082ca08eba6fffbc76370113c
8891e7562eb4db253a8582376083ca99b19457680f9d36a5ba4108790740785e
7bcfcc90d0bd6c85b5b1cc9f287e161020571a0418afb50f2dd67685e9d3a4fc
716778bab5fb2c439a51362be5941a50d587714d58a6faa39eefa96aa79c1561
564b21c293bc9d0885dc7a87dbf488a497c98d2103d91f5bbcfdb476eb8b6f4c
4dce8b3beba71b8b44b6576ff2497ed68c6fafebd046822f0d60f8758238e900
01082cd4733e5f3e2c3f642fa6c0afb5a9489d39ff26a35549263fc0e02ebad3
http://slackforbusiness.net/main.php
http://slackforbusiness.net/api.php
slackcomtop.aab-e-pak.com
wooofi.com
slackforbusiness.net
nextnovatech.com
macpaw.us
Attack Patterns
Atomic macOS Stealer
AMOS
T1578
T1193
T1588
T1185
T1548
T1557
T1189
T1552
T1497
T1555
T1083
T1071
T1036
T1566
T1059