Info Stealer
Atomic Stealer
First seen: 2023-04 • Status: active
Currently Active Threat
Atomic Stealer attacks Mac computers - unusual because most stealers target Windows. It steals Keychain passwords and crypto.
Overview
Atomic Stealer (AMOS) is one of the first major macOS info stealers. It targets browser data, crypto wallets, and Keychain passwords.
Also Known As
AMOS, Atomic macOS Stealer
How It Spreads
- • Fake Mac apps
- • Malvertising
- • Cracked software
What It Does
- • Keychain password theft
- • Browser data theft
- • Crypto wallet theft
Is your business exposed?
Target Platforms
macOS
Detection Tips
- • Monitor for unauthorized Keychain access
- • Watch for unsigned Mac apps
MITRE ATT&CK Techniques
T1555, T1539
If You're Infected
- 1.
Change Keychain passwords
- 2.
Move cryptocurrency
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required