The greatest threat, according to experts, is posed by Atomic macOS Stealer (AMOS), which first became known in 2023. AMOS is one of the most common hacker solutions aimed at stealing confidential data from devices using the macOS software environment. AMOS’s “area of ​​interest” includes cryptocurrency wallets and autofill data, as well as cookies and passwords, including Apple keychain and macOS password. According to Sophos experts, most of the stolen information is sold on criminal markets.
As one of the AMOS attack vectors, experts named the tactic of “SEO infection”, when unsuspecting digital asset holders search for the name of a certain software or utility, and the attacker’s site appears in the top search results. The proposed download imitates the real application and secretly installs malware on the user’s computer. The attackers also use legitimate social networking infrastructure and GitHub to host AMOS binaries.
Atomic macOS Stealer is in high demand in the cybercriminal world: the price of a monthly AMOS license has tripled in the last year – from $1,000 to $3,000. Sophos warns that the entry into force of the EU Digital Markets Act (DMA), which obliges Apple to open its platform to alternative marketplaces, could become an additional incentive for malware developers.
Recall that in April, Eowyn Chen, CEO of crypto wallet provider Trust Wallet, recommended that Apple smartphone users disable the iMessage service due to concerns about a zero-day exploit.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
