A spine-tingling new piece of malware is on the loose, and no, it's not lurking in Windows or Google Play this time — it's targeting macOS. According to BleepingComputer, it's aptly called "Atomic" — and it's being sold to cybercriminals in the shadiest corners of the web for $1,000 a month.
With this ill-intentioned subscription, malicious actors get an easy-to-use victim management UI that lets them snag highly sensitive information, including keychain passwords, cookies, files from local systems, and other data that could potentially leave victims in a serious pickle.
What can Atomic do?
As mentioned, Atomic is information-stealing malware, but to make matters worse, it can leave its quarries much poorer, too. Cybercriminals who purchase Atomic get a DMG file containing a 64-bit Go-based malicious program that can snatch credit card information stored in browsers, including Google Chrome, Microsoft Edge, Mozilla Firefox, Yandex, Opera, and Vivaldi.
How does it do it? Well, once Atomic finds its way into a victim's Mac, it can display a bogus password window, prompting users to type in their system passwords. Consequently, attackers can gain access to the quarry's macOS machine and wreak havoc.
Rubbing salt in the wound, cryptocurrency holders are particularly at risk. This macOS malware is designed to target more than 50 popular cryptocurrency extensions, including MetaMask and Coinbase.
Unfortunately, Atomic can fly under the radar. Only one out of 59 anti-virus scanners flagged the malevolent software.
How to dodge Atomic macOS malware
Fortunately, you won't find Atomic lurking inside any official macOS services. It's up to the malicious buyers to distribute Atomic via phishing emails, laced torrents and social media posts. Some even use black hat SEO to target Google searchers, baiting them into downloading infected applications masquerading as legitimate software.
If you're a cryptocurrency holder, take a look at our best crypto hardware wallets page to protect yourself from digital-asset thieves. I'd advise against using software wallets; your precious virtual currencies are too exposed.
We'd also suggest removing your credit-card information from Google Chrome by navigating to Settings > Autofill > Payment Methods. Tap on the three-dot icon next to each of your credit cards and click on "Turn off virtual card." To take it one step further, go to pay.google.com, go to Payment Methods and click "Remove" next to your credit cards.