It has recently come to light that a new variant of the Atomic Stealer malware, identified as AMOS, presents a more sophisticated threat to users of iMac and other Mac devices. This evolution represents a greater challenge for computer security, since it is no longer limited to traditional data theft but also incorporates a backdoor that allows attackers to take complete control of the infected computer.
Since last year, Atomic Stealer has been known among cybersecurity experts as software designed to extract personal information, primarily credentials and cryptocurrency wallet data, from users of macOS computers. Once collected, this data is automatically sent to servers controlled by the attackers.
Great leap in attack capacity
In the latest revision of the malware, observed by researchers like g0njxa, the integration of a backdoor function has been detected. This new feature allows threat actors to obtain persistent remote access to the affected computer, facilitating the execution of remote commands, the reactivation of the malware even after removal attempts, and prolonged surveillance within the system.
According to research by the firm Moonlock, this backdoor facilitates keylogging (keystroke logging), reinstallation of malware, and a wider range of possibilities for exploiting the system. All of this significantly increases the risks to the privacy and data integrity of iMac users.
Active campaigns and distribution methods
Currently, this modified Atomic Stealer is being spread through pirated software websites and through phishing tactics, especially in contexts such as job interviews where the victim is asked to share their screen. With this approach, cybercriminals have managed to rapidly expand the number of infected devices.
Experts warn that the network of affected devices is already extensive, spanning more than 120 countries, with a particular impact in the United States, France, Italy, the United Kingdom, and Canada. The backdoor's ability to gain full access to the device makes iMacs a prime target for attackers.
Why is this variant so worrying?
The risk is that by gaining full remote access, cybercriminals can not only steal personal or financial data, but also manipulate the system, install new malware, and even spy on user activities for long periods.
It is recommended to take extreme precautions before downloading any file or program from dubious sources, and to avoid opening unverified links that arrive via email or direct messages.
The emergence of this new version of the Atomic Stealer malware highlights the importance of keeping the operating system updated and using reliable security tools on iMacs and any macOS device. The sophistication of cybercriminals' techniques requires users to remain vigilant to protect their information and the integrity of their computers.