Mac users alert! Hackers are using Telegram to peddle macOS malware; know details

Telegram seems to be the new favourite space for hackers and bad actors. We recently read reports of hackers making negotiations on Telegram for malware-laden apps and now a new report from Cyble Research and Intelligence Labs (CRIL) uncovers a new malware operating through the messaging app. Even worse is that this malware targets macOS which is generally considered a safer platform than Windows.

CRIL researchers have a discovered a new malware called Atomic macOS Stealer (AMOS) that has been specifically designed to target macOS platforms and is capable of extracting sensitive information such as autofill data, passwords, bank details and wallets from victims’ computers.

ALSO READ l Alert! Hackers are using legit looking apps to steal your personal data: Details

According to the researchers, the hacker behind the AMOS malware is constantly improving and updating it with new features to make it more effective. The AMOS malware is being sold by threat actors on a Telegram channel, which is a growing trend in the cybercriminal world. The channel advertises the malware, making it easily accessible to anyone who wants to purchase it. The latest update for AMOS was seen on a Telegram post on April 25, showcasing its latest capabilities.

AMOS is said to steal various type of information from the victim’s machine, including keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password.

How the malware operates? It is designed to target multiple browsers and can extract auto-fills, passwords, cookies, wallets, and credit card information. The researchers claim that AMOS can target cryptowallets such as Electrum, Binance, Exodus, Atomic, and Coinomi.

The hackers offer additional services for a fee of $1000 per month, including a web panel for managing victims, tools for stealing seed and private keys, a crypto checker, and a dmg installer. They share logs of their activities through Telegram.

ALSO READ l Twitter hacked! Private data of 200 mn users leaked online, report says

It is advisable for macOS users to be cautious and take necessary precautions to protect their sensitive information. Install reputable antivirus software and keep it up to date, use strong and unique passwords, and enable two-factor authentication whenever possible.

Telegram seems to be the new favourite space for hackers and bad actors. We recently read reports of hackers making negotiations on Telegram for malware-laden apps and now a new report from Cyble Research and Intelligence Labs (CRIL) uncovers a new malware operating through the messaging app. Even worse is that this malware targets macOS which is generally considered a safer platform than Windows.

CRIL researchers have a discovered a new malware called Atomic macOS Stealer (AMOS) that has been specifically designed to target macOS platforms and is capable of extracting sensitive information such as autofill data, passwords, bank details and wallets from victims’ computers.

ALSO READ l Alert! Hackers are using legit looking apps to steal your personal data: Details

According to the researchers, the hacker behind the AMOS malware is constantly improving and updating it with new features to make it more effective. The AMOS malware is being sold by threat actors on a Telegram channel, which is a growing trend in the cybercriminal world. The channel advertises the malware, making it easily accessible to anyone who wants to purchase it. The latest update for AMOS was seen on a Telegram post on April 25, showcasing its latest capabilities.

AMOS is said to steal various type of information from the victim’s machine, including keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password.

How the malware operates? It is designed to target multiple browsers and can extract auto-fills, passwords, cookies, wallets, and credit card information. The researchers claim that AMOS can target cryptowallets such as Electrum, Binance, Exodus, Atomic, and Coinomi.

The hackers offer additional services for a fee of $1000 per month, including a web panel for managing victims, tools for stealing seed and private keys, a crypto checker, and a dmg installer. They share logs of their activities through Telegram.

ALSO READ l Twitter hacked! Private data of 200 mn users leaked online, report says

It is advisable for macOS users to be cautious and take necessary precautions to protect their sensitive information. Install reputable antivirus software and keep it up to date, use strong and unique passwords, and enable two-factor authentication whenever possible.