Hackread reports that numerous information-stealing malware, cryptomining payload, and keylogger capabilities have been integrated into another novel variant of the Atomic Stealer macOS infostealer, also known as AMOS.
Aside from resembling the second iteration of the RustDoor backdoor due to its focus on sensitive data exfiltration, the upgraded Atomic Stealer variant also enables the gathering of Safari browser cookies to facilitate improved exfiltration of hardware data, passwords, and encryption keys, a report from Bitdefender revealed. Several functions have also been leveraged by the new Atomic Stealer malware to allow the theft of browser data and assets from cryptocurrency wallets, including Atomic, Exodus, Coinomi, and Electrum. Moreover, operators of the infostealer have also strengthened Atomic Stealer's defenses against detection and analysis. Organizations have been given indicators of compromise for the new Atomic Stealer variant by Bitdefender to mitigate the threat amid limited detection.
