New Malware Targets macOS and Steals Cryptocurrency
23.08.2024 21:00 1 min. read Alexander Stefanov
According to an August 5 report from Moonlock Lab, the "Atomic macOS" (AMOS) malware is experiencing a resurgence, appearing in Google Adsense ads masquerading as legitimate macOS programs like Loom, Figma, and TunnelBlick.
These fake versions are unauthorized and are designed to install AMOS on users’ devices.
Moonlock experts discovered AMOS while investigating a fake Loom ad that redirected them to a fake website. Instead of downloading Loom, users inadvertently installed a sophisticated version of the AMOS malware.
Originally reported by Cyble in April 2023, AMOS was sold on Telegram for $1,000 per month, targeting over 50 different crypto wallets, including MetaMask, Coinbase, and Binance. The malware could steal wallet data, potentially allowing attackers to drain users’ funds.
Now, Moonlock warns that AMOS has been upgraded to replace legitimate wallet apps with clones, making it easier to delete victims’ e-wallets.
In particular, it can clone the Ledger Live software used by Ledger hardware wallets, potentially tricking users into sending cryptocurrencies to attackers. This capability is a significant advancement for AMOS.
Cryptocurrency users on macOS should be cautious when downloading software, especially from ads. To ensure authenticity, it is advisable to search for the official website of the app through organic search results rather than clicking on ads.
Malware remains a serious threat to crypto users, with AMOS being a particularly dangerous example.
-
1
Mask Founder Loses $4 Million in Crypto Attack on His Birthday
28.02.2025 22:00 1 min. read -
2
Cybercriminals Exploit GitHub to Distribute Crypto Malware
26.02.2025 20:00 2 min. read -
3
Gotbit Founder Extradited to U.S. Over Alleged Crypto Market Manipulation Scheme
27.02.2025 14:00 2 min. read -
4
Bybit’s Biggest Hack: What Investigators Have Found
04.03.2025 22:00 1 min. read -
5
India Intensifies Bitconnect Investigation, Seizing $190M in Crypto
16.02.2025 17:00 2 min. read
Argentine Lawyer Seeks Global Arrest Warrant for LIBRA Token Co-Creator
An international arrest warrant has been requested for Hayden Davis, co-creator of the LIBRA token, which became the center of a major political scandal in Argentina.
Ripple Co-Founder’s Wallet Compromised in $661 Million XRP Hack in 2024
Chris Larsen, the co-founder of Ripple, suffered a significant financial blow in 2024 when he lost over $661 million worth of XRP due to a security breach in the password management system LastPass.
Georgian Investor Faces Prison Amid Bitcoin Embezzlement Allegations
Venture capitalist and Mission Gate founder George Bachiashvili is now facing imprisonment in Georgia after a court revoked his bail.
Hackers Exploit 1inch Smart Contract, Stealing Over $5 Million
Hackers have exploited a vulnerability in DeFi aggregator 1inch’s resolver smart contract, leading to losses of over $5 million, according to blockchain security firm SlowMist.
-
1
Mask Founder Loses $4 Million in Crypto Attack on His Birthday
28.02.2025 22:00 1 min. read -
2
Cybercriminals Exploit GitHub to Distribute Crypto Malware
26.02.2025 20:00 2 min. read -
3
Gotbit Founder Extradited to U.S. Over Alleged Crypto Market Manipulation Scheme
27.02.2025 14:00 2 min. read -
4
Bybit’s Biggest Hack: What Investigators Have Found
04.03.2025 22:00 1 min. read -
5
India Intensifies Bitconnect Investigation, Seizing $190M in Crypto
16.02.2025 17:00 2 min. read
