A spine-tingling new piece of malware has been released, and no, it’s not lurking in Windows or Google Play this time — it’s targeting macOS. According to BleepingComputer, it’s called “Atomic” — and it’s sold to cybercriminals in the shadiest corners of the web for $1,000 a month.
With this ill-intentioned subscription, malicious actors get an easy-to-use victim management user interface that allows them to obtain highly sensitive information, including keychain passwords, cookies, files from local systems, and other data that could leave victims in serious trouble.
What can Atomic do?
As mentioned earlier, Atomic is an information-stealing malware, but to make matters worse, it can also leave its victims poorer. Cybercriminals who purchase Atomic get a DMG file that contains 64-bit Go-based malware that can grab credit card information stored in browsers, including Google Chrome, Microsoft Edge, Mozilla Firefox, Yandex, Opera, and Vivaldi.
How does it do that? Well, once Atomic finds its way onto the victim’s Mac, it can display a fake password window, prompting users to type in their system passwords. With that password, attackers can access the victim’s macOS device and wreak havoc.
To rub salt in the wound, cryptocurrency holders are particularly vulnerable. This macOS malware is designed to target more than 50 popular cryptocurrency extensions, including MetaMask and Coinbase.
Unfortunately, Atomic can fly under the radar. Only 1 out of 59 antivirus scanners flagged the malware.
How to avoid Atomic macOS malware
Fortunately, you won’t find Atomic hidden inside any of the official macOS services. It is up to malicious buyers to distribute Atomic via phishing emails, torrents, and social media posts. Some even use black-hat SEO to target Google searchers, baiting them into downloading infected apps masquerading as legitimate software.
If you are a cryptocurrency holder, take a look at our best crypto hardware wallets page to protect yourself from digital asset thieves. I advise against using software wallets; your precious virtual coins are highly exposed.
We also suggest removing your credit card information from Google Chrome by going to Settings > Autofill > Payment methods. Click the three-dot icon next to each of your credit cards and click “Turn Off Virtual Card”. To go further, go to pay.google.com, go to Payment methods, and click “Remove” next to your credit cards.