Categories: MarketsMenafn

Introducing Atomic macOS Stealer – The Newest Threat to Crypto Wallet Owners

Threat actors have introduced a new information stealer targeting Apple macOS operating systems, known as Atomic macOS Stealer (AMOS), sold on Telegram for $1,000 monthly. This malware joins the notorious ranks of similar malware, such as MacStealer.

According to a detailed report by Cyble researchers, the Atomic macOS Stealer can steal a wide range of information from the victim’s computer. That includes Keychain passwords, comprehensive system data, crypto wallet data, files from the desktop and documents folder, and even the macOS password itself.

Key Features of the Atomic macOS Stealer

The Atomic macOS Stealer stands out because it can extract valuable data from web browsers and cryptocurrency wallets, including Atomic, Binance, Coinomi, Electrum, and Exodus. Moreover, when threat actors purchase the stealer from its developers, they receive a ready-to-use web panel for managing their victims.

This insidious malware is delivered as an unsigned disk image file (Setup.dmg) that, when executed, prompts the victim to enter their system password on a fake prompt. By doing so, the malware escalates its privileges and initiates its malicious activities, a technique also employed by MacStealer.

Infiltration Tactics and Distribution Methods

The specific method to deliver the Atomic macOS Stealer is not immediately apparent. However, victims are likely deceived into downloading and executing the malware, believing it to be legitimate software.

The Atomic stealer artifact, submitted to VirusTotal on April 24, 2023, bears the name “Notion-7.0.6.dmg.” That indicates it may be masquerading as the well-known note-taking application. The MalwareHunterTeam has also discovered other samples distributed as “Photoshop CC 2023.dmg” and “Tor Browser.dmg.”

Cyble researchers have noted that malware like the Atomic macOS Stealer could be installed by exploiting system vulnerabilities or hosting malicious software on phishing websites.

How the Atomic macOS Stealer Operates

Once installed, the Atomic macOS Stealer gathers system metadata, files, iCloud Keychain, and information stored in web browsers (such as passwords, autofill data, cookies, and credit card information) and crypto wallet extensions. 

This collected data is compressed into a ZIP archive and sent to a remote server. Finally, the compiled information’s ZIP file is transmitted to pre-configured Telegram channels.

The Growing Importance of macOS Security

The emergence of the Atomic macOS Stealer serves as a stark reminder that macOS is increasingly becoming an attractive target for cybercriminals, not just nation-state hacking groups. 

Consequently, users must take necessary precautions. That includes downloading and installing software only from trusted sources, enabling two-factor authentication, and reviewing app permissions. It is also worth avoiding suspicious links received through emails or SMS messages.

By following these guidelines and remaining vigilant, users can better protect themselves from the growing threat of advanced malware like the Atomic macOS Stealer.

The post Introducing Atomic macOS Stealer – The Newest Threat to Crypto Wallet Owners appeared first on CryptoMode.

Jerry Rolon

After working for 7 years as a Internet Marketer, Jerry now aims to explore the journalistic side of Internet. With his impeccable knowledge in this domain, he churns out some of the best news articles from the internet niche. With respect to acedamics, Jerry earned a degree in business from California State University.

Recent Posts

Agrifi AGF Token Transforms DeFi with Real Farmland Utility and On-Chain Yields

Estonia, 22nd October 2025, ZEX PR WIRE, AgriFi, a blockchain-powered agricultural finance protocol, is redefining…

3 hours ago

Ride the Festive Wave: From London to Manchester’s Christmas Markets with Global Airport Taxi

Manchester Christmas Markets — The Beating Heart of Britain’s Festive Season London, UK, 21st October…

3 hours ago

Travel Smarter: Sky Bridge Cars Sets a New Benchmark for Heathrow Taxi Excellence

London, UK, 21st October 2025, ZEX PR WIRE, For millions of passengers travelling through Heathrow…

3 hours ago

Top ICO 2025: IONIX Chain is the Best Crypto Presale for the Next 1000x Gains

Dubai, UAE, 21st October 2025, ZEX PR WIRE, In a year that’s already shaping up…

3 hours ago

Bolivia President-Elect Adopts Blockchain Plan To Curb Corruption

Bolivia’s president-elect, Rodrigo Paz, has a bold plan to use blockchain technology in government buying…

1 day ago

ANOME Unveils AnoMEME: A Meme Token Card LaunchPad Built on ERC-404 — Where Meme Tokens Become Meme Cards

Singapore, 20th October 2025, ZEX PR WIRE, ANOME, the Web3 ecosystem uniting NFTs, GameFi, and…

2 days ago