Several updates have been introduced to the Atomic Stealer macOS information-stealing malware, also known as AMOS, including the integration of payload encryption to better evade security software detection, The Hacker News reports.
Attack campaigns deploying the upgraded Atomic Stealer malware have also been modified, with threat actors using fraudulent Slack ads on Google search to spread the malware or the EugenLoader malware loader, also known as FakeBat, according to a Malwarebytes report. Operators of the information stealer, which initially emerged in April, have also worked to obfuscate the command-and-control server that stores data exfiltrated by Atomic Stealer malware, researchers added.
"As stealers continue to be a top threat for Mac users, it is important to download software from trusted locations. Malicious ads and decoy sites can be very misleading though and it only takes a single mistake (entering your password) for the malware to collect and exfiltrate your data," researcher Jerome Segura wrote.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news