A new malware that targets macOS users is making rounds in messaging app Telegram.
AMOS, or Atomic macOS Stealer is a program that extracts information from an infected computer. The type of information the malware can obtain include files in documents and desktop folders, macOS user password, system details, and Keychain-saved passwords. The malware targets browsers such as Chrome and Firefox and can extract cookies, wallets, credit card information, passwords, and autofill information.
Atomic macOS Stealer is also known to target crypto wallets such as Atomic, Exodus, Binance, Coinomi, and Electrum. Currently, AMOS is being sold on popular messaging app Telegram for a subscription to the tune of $1,000 per month. macOS users are advised to avoid installing .dmg files from unknown sources as it can produce a fake system dialog box and scan the computer for sensitive information it can steal and then send to a remote server.
