Atomic
New macOS stealer campaign uses Script Editor in ClickFix attack
A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix attack that tricked users into executing commands in Terminal. Script Editor is a built-in macOS application for writing and running scripts, primarily AppleScript and JXA, that can execute local scripts and shell commands. It […]
LastPass: Fake password managers infect Mac users with malware
LastPass is warning users of a campaign that targets macOS users with malicious software impersonating popular products delivered through fraudulent GitHub repositories. The fake apps deliver the Atomic (AMOS) info-stealing malware in ClickFix attacks, and are promoted through search engine optimization (SEO) tactics on Google and Bing. AMOS is a malware-as-a-service operation available for $1,000/month that typically […]
Atomic macOS infostealer adds backdoor for persistent attacks
Malware analyst discovered a new version of the Atomic macOS info-stealer (also known as ‘AMOS’) that comes with a backdoor, to attackers persistent access to compromised systems. The new component allows executing arbitrary remote commands, it survives reboots, and permits maintaining control over infected hosts indefinitely. MacPaw’s cybersecurity division Moonlock analyzed the backdoor in Atomic malware after a […]
GrassCall malware campaign drains crypto wallets via fake job interviews
A recent social engineering campaign targeted job seekers in the Web3 space with fake job interviews through a malicious “GrassCall” meeting app that installs information-stealing malware to steal cryptocurrency wallets. Hundreds of people have been impacted by the scam, with some reporting having their wallets drained in the attacks. A Telegram group has been created to discuss […]