Mac Attack: Atomic Stealer Tricks Users with AppleScript Spoofing

A concerning trend is emerging as cybercriminals increasingly target Apple computers with information-stealing malware. One such macOS infostealer, Atomic Stealer, has recently garnered attention from cybersecurity firm SentinelOne. In May 2023, a new malware version was identified, exhibiting more refined and targeted data-capturing capabilities, specifically focusing on gaming and cryptocurrency users.

Atomic Stealer is deployed primarily for financially motivated cybercrime, yet the identity of the hacker group responsible remains unknown. Compared to other Apple-oriented infostealers like Pureland or MacStealer, Atomic Stealer is more versatile, able to capture account passwords, browser data, session cookies, and cryptocurrency wallets. Additionally, its creators offer campaign control through a web interface, which comes at a steep monthly cost of $1,000.

Cybercriminals promote the Atomic Stealer installer on the widely used messaging app Telegram, which has replaced dark web forums in their covert dealings. The malware’s latest version was also promoted on a YouTube channel established in late April.

The attack vectors employed by malicious actors vary, with some disguising Atomic Stealer as legitimate application installers while others inject the malware into legitimate Google Ads. SentinelOne reports that this infostealer employs a straightforward yet effective method called AppleScript spoofing to extract users’ login passwords, leveraging Apple’s scripting language to deceive victims into running malicious code.
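A defender-side sketch of the AppleScript spoofing described above, added here as an example and not taken from SentinelOne's report or from the malware: it flags `osascript` executions whose inline script shows a `display dialog` with a `hidden answer` field, which is how AppleScript masks typed input. The event fields, sample events and trusted-parent prefixes are constructed assumptions; the page does not give the exact command the stealer runs.

```python
import re

# Constructed exec events (not real telemetry); field names are assumptions.
SAMPLE_EVENTS = [
    {"pid": 611, "parent": "/Volumes/Setup/Setup.app/Contents/MacOS/Setup",
     "argv": ["osascript", "-e",
              'display dialog "macOS needs your password to continue" '
              'default answer "" with hidden answer with title "System Preferences"']},
    {"pid": 702, "parent": "/bin/zsh",
     "argv": ["/usr/bin/osascript", "-e", 'display dialog "Backup finished" buttons {"OK"}']},
    {"pid": 815, "parent": "/Users/a/Downloads/Game.app/Contents/MacOS/Game",
     "argv": ["/usr/bin/osascript", "-e",
              'Display  Dialog "Enter license key" default answer "" WITH HIDDEN  ANSWER']},
    {"pid": 830, "parent": "/bin/zsh",
     "argv": ["/usr/bin/osascript", "-e",
              'display dialog "Vault passphrase" default answer "" with hidden answer']},
    {"pid": 900, "parent": "/usr/sbin/cron", "argv": ["/usr/bin/python3", "report.py"]},
]

# AppleScript keywords are case-insensitive and tolerate extra whitespace.
HIDDEN_PROMPT = re.compile(r"display\s+dialog\b.*\bhidden\s+answer\b", re.I | re.S)
# Assumption: parents under these prefixes are OS-shipped binaries, so lower priority.
TRUSTED_PARENT_PREFIXES = ("/System/", "/usr/", "/bin/", "/sbin/")


def script_text(argv):
    """Return the inline script of an osascript call (all -e arguments), else None."""
    if not argv or argv[0].rsplit("/", 1)[-1] != "osascript":
        return None
    return "\n".join(argv[i + 1] for i, arg in enumerate(argv[:-1]) if arg == "-e")


def classify(event):
    """'high' = masked-input dialog from an untrusted parent, 'review' = from a trusted one."""
    script = script_text(event.get("argv", []))
    if not script or not HIDDEN_PROMPT.search(script):
        return None
    trusted = event.get("parent", "").startswith(TRUSTED_PARENT_PREFIXES)
    return "review" if trusted else "high"


def scan(events):
    """Return (pid, severity) for every event that shows a masked-input dialog."""
    return [(e["pid"], sev) for e in events if (sev := classify(e))]


if __name__ == "__main__":
    for pid, severity in scan(SAMPLE_EVENTS):
        print(pid, severity)
```

Scripts that `osascript` reads from a file or from standard input carry no `-e` argument, so this check does not see them; covering those needs the script contents from another telemetry source.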

To evade detection, Atomic Stealer forgoes establishing persistence on infected Macs, as Apple’s latest security features alert users when items are added to the login items list. Instead, the malware focuses on swift data theft in a single attack, increasing its chances of success.

With over 1,000 subscribers on the Telegram channel selling Atomic Stealer, it is evident that infostealers targeting Mac computers are becoming increasingly attractive to threat actors. As more organizations embrace Apple devices for both work and personal use, the lack of robust external security tools on many Macs provides ample opportunities for cybercriminals to exploit and develop tools to aid their illicit endeavours.

As the cyber landscape evolves, cybersecurity experts warn that vigilance and comprehensive security measures are crucial to safeguarding both personal and organizational data from the insidious reach of information-stealing malware like Atomic Stealer.
