Atomic Stealer updated: the macOS infostealer has become even stealthier and more dangerous

The subscription price has increased to $3,000 per month, but is the malware worth the money?

Cybersecurity researchers at Malwarebytes identified an updated version of malicious software for macOS, known as Atomic Stealer (AMOS). Regular updates indicate that attackers are actively working to improve the functionality of the infostealer.

According to specialist Jérôme Segura, the Atomic Stealer update occurred around the end of 2023. The developers implemented payload encryption in an attempt to avoid detection.

Atomic Stealer first launched in April 2023 with a $1,000-a-month subscription. This program is able to collect confidential information from infected devices, including passwords, session cookies, cryptocurrency wallets, system metadata, and the device password.

Recent months have seen the spread of malware through fraudulent ads and compromised websites disguised as legitimate software and web browser updates.

The latest analysis by Malwarebytes shows that Atomic Stealer is now on sale for $3,000 a month, with a recent Christmas promotion bringing the price down to $2,000.

In addition to integrating encryption to evade detection, the Atomic Stealer distribution campaigns have also undergone some changes. Attackers now use Google ads disguised as Slack, and Atomic Stealer itself often reaches the victim's computer through the malicious downloader EugenLoader.

In September 2023, researchers noticed a fraudulent advertising campaign that used a fake TradingView platform site to deliver NetSupport RAT on Windows and Atomic Stealer on macOS.

A fake Slack disk image (DMG) prompts the victim to enter the system password when opened, allowing attackers to collect confidential information. An important aspect of the new version is the use of obfuscation to hide the command and control server that receives stolen data.

Malwarebytes emphasizes that it is important for Mac users to download software only from reliable sources. However, fraudulent advertising and fake sites can be misleading, and even a single mistake, such as entering the system password, can lead to data theft and other unpleasant consequences.
 