Hackers using Telegram to sell macOS malware: All the details


Compared to Windows, macOS is considered to be more robust and secure against malware and viruses. However, that doesn’t stop hackers and bad actors from targeting Apple’s operating system for Mac devices. According to a report by Cyble Research and Intelligence Labs (CRIL), a Telegram channel has been advertising a new information-stealing malware called Atomic macOS Stealer (AMOS). As per the report, the malware can steal sensitive information, such as passwords and bank details, from the victim’s machine.
How does Atomic macOS Stealer work?
The CRIL report notes that the “Atomic macOS Stealer can steal various types of information from the victim’s machine, including keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password.”
Since all these details are extremely critical, the malware can prove really dangerous. The malware has the ability to target multiple browsers, which means that data in Safari, Chrome or Edge is at risk. Browsers let users auto-fill passwords, credit card information and other sensitive information, so whatever is saved there is exposed.
Furthermore, the malware has also been designed to target cryptowallets such as Electrum, Binance, Exodus, Atomic, and Coinomi.
A .dmg file, a commonly used file type, is sent to the target’s machine and plants the malware. If a user ends up installing the .dmg file on macOS, the malware gains access to confidential information, which it then sends to a remote server.
How does Telegram come into the picture?
According to the report, the malware “also provides additional services such as a web panel for managing victims, meta mask brute-forcing for stealing seed and private keys, crypto checker, and dmg installer, after which it shares the logs via Telegram.” All these services are then offered at a price of $1,000 per month.
Users need to be careful and download apps only from the official App Store. It also helps to have two-factor authentication enabled in various apps and services.

