Tuesday, July 8, 2025
Atomic macOS Stealer now includes a backdoor for persistent access

According to the Moonlock lab team, the Atomic macOS Stealer, also known as AMOS, has just experienced a decisive and dangerous upgrade.

Atomic macOS Stealer (AMOS), a popular piece of stealer malware for macOS, has just received a major update. For the first time, it’s being deployed with an embedded backdoor.

According to the folks at Moonlock, the cybersecurity division of MacPaw, this change allows attackers to maintain persistent access to a victim’s Mac, run arbitrary tasks from remote servers, and gain extended control over compromised machines. This is believed to be only the second known case — after North Korean threat actors — of backdoor deployment at a global scale targeting macOS users.

According to Moonlock, AMOS malware campaigns have already reached over 120 countries, with the United States, France, Italy, the United Kingdom, and Canada among the most affected. The backdoored version of Atomic macOS Stealer now has the potential to gain full access to thousands of Mac devices worldwide, notes the cybersecurity division.

From the Moonlock report: For Mac users, this update means the threat is no longer limited to stolen credentials or documents. It now opens the door to full system compromise.

The upgrade to AMOS represents a significant escalation in both capability and intent, whether the changes were made by the original malware authors or by someone else modifying the code.

How to keep yourself safe from AMOS

Here’s how Moonlock says to keep yourself safe from AMOS:

The longer AMOS stealer stays undetected, the more damage it can do to Mac users, their contacts, employers, or finances. It’s like a burglar who doesn’t leave after the theft but moves in and waits for the victim to buy more stuff so they can strike again.

It’s no secret that cybercriminals are increasingly targeting macOS, largely because so many people still believe Macs are immune to malware. This gap in awareness can’t be ignored. The new capabilities of the AMOS group require immediate attention, not just from security teams but everyday Mac users as well.

Staying informed about AMOS, especially the social engineering techniques it uses to mislead and spear phish victims, is crucial. It is more important than ever to reduce your digital footprint, as bad actors research their targets in detail before reaching out. The more they know, the more convincing their phishing attempts become and the more widespread AMOS gets.

The use of additional anti-malware software can help block these attacks. Modern anti-malware tools can detect if Atomic macOS Stealer tries to breach your system. These programs can warn you early and stop the attack before it even begins.

Dennis Sellers
Dennis Sellers is the editor/publisher of Apple World Today. He’s been an “Apple journalist” since 1995 (starting with the first big Apple news site, MacCentral). He loves to read, run, play sports, and watch movies.
