- Atomic Stealer, or AMOS, is no longer just a pure infostealer, experts warn
- The tool now comes with a backdoor and a persistence mechanism
- A new variant was seen circulating in the wild
Atomic Stealer (AMOS), one of the most dangerous infostealer malware threats in the macOS ecosystem, has just received a significant update that makes it even more dangerous, experts have warned.
A new version of the malware was detected with a backdoor that not only allows persistent access and survives reboots, but also gives attackers the ability to deploy any other malware on the compromised device.
The news comes courtesy of MacPaw's cybersecurity arm, Moonlock, which was tipped off by an independent researcher with the alias G0njxa, who pointed out that the backdoored version of Atomic macOS Stealer now has the potential to gain full access to thousands of Mac devices worldwide.
A popular infostealer
AMOS has existed for years, establishing itself as the stealer malware used in many major hacking campaigns. Until now, it was able to extract a wide range of data, including passwords and browser storage keys, autofill data, cryptocurrency wallet information, system data and different files. It was also able to evade macOS protections, tricking Gatekeeper and other macOS security features.
Sold as MaaS (malware-as-a-service) on underground forums, it was often distributed through fake applications and malicious websites.
We last heard of AMOS in early June 2025, when Russian threat actors used the popular ClickFix method to deploy it against their targets. At that time, CloudSEK security researchers reported multiple websites spoofing Spectrum, a US-based telecommunications provider, to deliver the malware.
At the beginning of January, software developer Ryan Chenkie spotted a malicious campaign on Google promoting a fake version of Homebrew, an open source package manager for macOS and Linux, that was, in fact, AMOS.
“Malware campaigns have already reached more than 120 countries, with the United States, France, Italy, the United Kingdom and Canada among the most affected,” the researchers warned.
Via BleepingComputer