The Malwarebytes blog post, published on January 10, 2024, by Jérôme Segura, details an update to Atomic Stealer (AMOS), a malware targeting Mac users. This update, which occurred around December 2023, includes payload encryption to evade detection. Atomic Stealer is known for its high rental fee of $3000/month. In January 2024, a malvertising campaign was observed distributing the updated version of AMOS via Google search ads, impersonating Slack. The updated Atomic Stealer steals sensitive information like passwords, crypto wallets, and browser cookies, and a new feature, Google Restore, was added for enhanced cookie theft. The blog emphasizes the importance of downloading software from trusted sources to avoid such threats and recommends web protection and antivirus for safety.
For more detailed information, you can read the full article by Jérôme Segura on Malwarebytes’ website: Atomic Stealer rings in the new year with an updated version.