“A major threat to Macs”: this password stealer should be taken very seriously


A new version of malware dedicated to password theft has appeared. Hackers have improved their tool to target Mac computers.

Cybercriminals continue to improve their tools to reach Apple computers. At the end of February, BitDefender spotted a phishing campaign deploying a new version of Atomic Stealer, malware dedicated to information theft. Its researchers describe the modus operandi in a report. For BitDefender, Atomic Stealer represents “one of the biggest threats to Macs”.

This malware inspects data stored in browsers (Chrome, Brave, Edge, Vivaldi and Opera) to find credentials, or may simply dig through system folders.

Generally, the victim will have downloaded the “stealer” inadvertently, through a phishing email or a fraudulent site. It takes the form of a file in .dmg format, an Apple application format, which must then be “dropped” as we generally do with applications on the Mac interface.

The application asks to be dropped to bypass Mac security filters. // Source: BitDefender
The fraudulent app asks for your password to be activated. // Source: BitDefender

Target passwords stored in the browser

The program then asks for the user's password through a fake dialog box that pretends to be the system. “This technique is typical of new Atomic Stealer variants,” says the BitDefender report. The malware will then take advantage of a backdoor to allow the criminals to exfiltrate data. BitDefender had already noticed this technique through the RustDoor malware last November. Using the Rust language allows it to work both on Macs based on an Intel chip (Core i) and on Macs with an Apple Silicon chip (Apple M).

Passwords, browser cookies and encryption keys will all be stored in an archive file on the computer, which can be accessed by hackers. BitDefender notes that the malware can also attack cryptocurrency wallet data. The brands concerned are Electrum, Coinomi, Exodus and Atomic.

In addition to the fact that it is better to avoid ending up with this software on your computer, it is also recommended to store essential passwords in an external password manager rather than in the browser.

