Cybercrime: here comes Atomic, a new info-stealer for macOS
Here comes Atomic, a new info-stealer for macOS. The malware, aka AMOS, is sold on a $1,000-a-month subscription and can be used even by those without technical skills
Atomic is a new information-stealing malware for macOS, also known as “AMOS”. It was revealed by the cybersecurity researcher FastFoodRembrandt.onion. The malicious payload is sold through private Telegram channels as a $1,000-a-month subscription. Buyers get a DMG file containing the malware, a 64-bit Go-based program designed to target Apple operating systems. Its objective is to steal keychain passwords, files from the local filesystem, cookies and credit cards stored in browsers, and data from over 50 cryptocurrency extensions. Customers also get a ready-to-use web panel for easy victim management, a MetaMask brute-forcer, a cryptocurrency checker, a DMG installer, and the ability to receive stolen Telegram logs. In effect, Atomic can also be used by those who do not have advanced technical knowledge.