Mac Malware-for-Hire Targets Cryptocoins and Passwords
Overview
As threats to cybersecurity continue to emerge, a new trend has surfaced with the rise of “malware-for-hire,” whereby cybercriminals rent malware toolkits to other cybercriminals for a fee. Researchers at dark web monitoring firm Cyble discovered one such toolkit, dubbed Atomic macOS Stealer (AMOS), specifically built to target Mac users. AMOS allows its users to extract passwords and cryptocoins from macOS Keychains, as well as files from the Desktop and Documents directories. AMOS can retrieve system information and obtain secret data from six different browsers, among other features.
How it Works
Once downloaded, the malware lures users into giving away their macOS account password with a popup dialog claiming that macOS wants to ‘access’ System Settings. In reality, the popup belongs to the malware app. By exploiting the popup, the malware gains access to macOS internal storage containing users’ login credentials. The malware provides its users with a DMG installer that looks legitimate and professional; DMG files are commonly used by legitimate software developers for Mac applications.
Recommendations
Malware that specifically targets Mac users is rare compared to malware aimed at Windows users; however, AMOS is a warning against complacency. Mac users should view cybersecurity as a critical component of their digital lifestyle to protect against threats. While Apple’s own App Store is relatively safe, users should still stick to reputable download sites. If off-market applications are necessary, users can grant themselves temporary access and lock their systems down immediately afterwards. Furthermore, consider running real-time malware blocking tools that scan downloads and proactively prevent access to dangerous download servers. Sophos Home is a cybersecurity solution well suited for this purpose and modestly priced for up to 10 computers.
Conclusion
AMOS serves as a reminder that cybersecurity threats are persistent and rapidly evolving, and Mac users are not exempt from these threats. By implementing recommended best practices, such as the use of reputable download sites, Mac users can better protect their devices from these threats and safeguard their personal data.
<< photo by Jorge Jesus >>