EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • A new info stealer targeting macOS devices

    A new info stealer targeting macOS devices

    Written by
    The Editorial Team
    05.03.23
    Risks management
    02
    MIN
    A new info stealer targeting macOS devices
    A new info stealer targeting macOS devices
    A new info stealer targeting macOS devices
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Risks management
    03.20.24 Risks management
    Next article
    Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Read
    03
    MIN
    Image Jean-Jacques Latour: "To date, we have not identified any new threat linked to artificial intelligence"
    Risks management
    03.18.24 Risks management
    Next article
    Jean-Jacques Latour: “To date, we have not identified any new threat linked to artificial intelligence”
    Read
    06
    MIN
    Image Storage must form the core of an enterprise cybersecurity strategy
    Risks management
    03.14.24 Risks management
    Next article
    Storage must form the core of an enterprise cybersecurity strategy
    Read
    05
    MIN

    Cyble identifies AMOS, an info stealer that specializes in Macs and specifically targets crypto wallets

    The Cyble cybersecurity firm alerted the world to a new info stealer on April 26, 2023, named AMOS, for “Atomic macOS Stealer”. Its special feature is in its name: it targets devices that run on macOS. Cyble pinpointed a Telegram channel dedicated to the stealer, and managed to retrieve a sample to analyze it.

    Once installed on Mac, AMOS allows attackers to retrieve several sets of data on the infected device. It also infects the most popular web browsers, as well as their extensions.

    The stealer’s primary objective is retrieving access to crypto wallets, namely Electrum, Binance, Exodus, Atomic and Coinomi. As far as the OS is concerned, AMOS can also siphon off macOS passwords, various system information, folders and passwords stored in the keychain. As for the browser, AMOS can steal passwords, cookies, info from prefilled forms and payment info.

    According to Cyble, its creators charge a thousand dollars a month for access to AMOS. On April 25, 2023, they launched a malware update, with new features. Researchers have to yet to ID AMOS admins, but they have a solid lead on its source. By analyzing the stealer, Cyble noticed it was sending stolen data to a CSS server linked to a “.ru” address, Russia’s domain extension.

    The Editorial Team
    05.03.23
    Articles by the same author:
    1
    04.08.24 Cybercrime
    AT&T data theft: 73 million accounts compromised
    Read
    01
    MIN
    2
    04.08.24 Industry and OT
    Kaspersky notes slight decrease in attacks against ICS 
    Read
    02
    MIN
    3
    04.05.24 Digital Sovereignty
    DMA: European Commission to investigate Alphabet, Apple and Meta 
    Read
    02
    MIN
    4
    04.02.24 Digital Sovereignty
    Atos/Eviden: Airbus throws in the towel (again)
    Read
    02
    MIN
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Risks management
    03.20.24 Risks management
    Next article
    Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Read
    03
    MIN
    Image Jean-Jacques Latour: "To date, we have not identified any new threat linked to artificial intelligence"
    Risks management
    03.18.24 Risks management
    Next article
    Jean-Jacques Latour: “To date, we have not identified any new threat linked to artificial intelligence”
    Read
    06
    MIN
    Image Storage must form the core of an enterprise cybersecurity strategy
    Risks management
    03.14.24 Risks management
    Next article
    Storage must form the core of an enterprise cybersecurity strategy
    Read
    05
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.