This new cyber threat reminds us of the importance of staying informed and adopting good cybersecurity practices.
The world of IT security is constantly evolving, with new threats emerging every day. macOS users are generally considered safe from many dangers that plague other platforms, but this perception seems to have become partially wrong: they too now have to face web threats. New malware is targeting their systems, putting sensitive data and cryptocurrencies at risk.
The discovery of this malware has caused a stir great concern among security experts. Details on how it works and the techniques used have been revealed by recent studies, which have highlighted how crucial it is for users to be informed and take effective preventive measures.
the new threat, called Atomic Stealer, is spreading among macOS users. This malware It disguises itself as crack files of popular software such as CleanMyMac or Photoshop, tricking users into downloading and installing it on their systems. Once installed, it starts stealing sensitive data from browsers and cryptocurrency wallets.
New threat for macOS: Atomic Stealer
The software was first identified in 2023 and since then it continued to evolve, becoming increasingly difficult to detect. It uses sophisticated scripts to stay hidden and to carry out its malicious actions without arousing suspicion.
Once installed, Atomic Stealer uses AppleScript to convince users to provide their passwords of system. Subsequently, steals cookies from browsers like Chrome and Safariand if it detects that it is running on a virtual machine, it is programmed to delete itself, reducing its chances of being discovered during security scans.
Atomic Stealer is also capable of steal files from cryptocurrency wallets, including Electrum, Coinomi, Exodus, Atomic Wallet, Wasabi Wallet, Ledger Live, Feather (Monero), Bitcoin Core, Litecoin Core, Dash Core, Electrum-LTC, Electron Cash, Guarda Wallet, Dogecoin Core, Binance and TonKeeper. Furthermore, the malware copies the “login.keychain-db” file, which contains sensitive passwords and credentials, and steals data from Apple Notes by copying “NoteStore.sqlite” files.
Prevention is the key to protecting yourself from Atomic Stealer. Users must download software only from official sources, such as the Mac App Store, and be wary of downloads from unverified sites. It is important to always check the URL of websites to ensure they are authentic and avoid clicking on suspicious links.
Another crucial preventive measure is keep macOS and all installed applications updated. Updates often include security patches that can protect your system from new threats. Additionally, Gatekeeper, a built-in feature of macOS, can help ensure that only signed, trusted apps are installed.
