While there are fewer active security threats facing users who have adopted an Apple ecosystem rather than a Windows one, that does not mean there are none. The Mac user base has grown to over 100 million, making it an attractive target for hackers. Indeed, this year I have reported on the Banshee Stealer hack attack, the FrigidStealer fake updates threat, and a surge in password infostealer attacks targeting macOS users in general. The latest threat, however, is particularly dangerous: a macOS backdoor that is persistent, can issue remote attack commands and is found in malware being deployed right now. Here’s what you need to know about the latest Atomic macOS Stealer Malware-as-a-Service evolution.
Atomic macOS Stealer Introduces Dangerous Apple Backdoor Threat
According to the Moonlock lab team, the Atomic macOS Stealer, also known as AMOS, has just experienced a decisive and dangerous upgrade. “For the first time,” the security researchers said, “it’s being deployed with an embedded backdoor.” The evolutionary step has led the Moonlock team to apply the highest level of risk for the AMOS threat to date. And that is hardly surprising, seeing as the backdoor now means that a successful attacker can not only maintain ongoing access to the victim’s Apple Mac, with the backdoor surviving system reboots, but they can also gain “extended control over compromised machines,” and execute arbitrary and dangerous commands from remote attack servers. This isn’t the first macOS backdoor, it has to be said, but it’s of critical importance nonetheless.
And be in no doubt, given that AMOS attackers, thanks to its nature of being operated as a Malware-as-a-Service platform, has already hit more than 120 countries, with the U.S. and U.K at the top of the attack list. This latest addition to the AMOS attack arsenal represents what the Moonlock researchers referred to as a “significant escalation in both capability and intent,” which means that the threat it represents to Apple users is “longer limited to stolen credentials or documents,” but rather it “opens the door to full system compromise.”
How To Mitigate The AMOS Apple Mac Backdoor Threat
Describing, rather aptly if chirpily, the AMOS backdoor as being like “a burglar who doesn’t leave after the theft but moves in and waits for the victim to buy more stuff so they can strike again,” Moonlock said it’s more important than ever to reduce your digital footprint to help mitigate these attacks. That might sound odd, but given that AMOS attacks rely upon sourcing intelligence from social media postings so as to research targets before hitting them with a phishing campaign to gain initial account access, it’s good advice. “The more they know,” the Moonlock security team said, “the more convincing their phishing attempts become and the more widespread AMOS gets.”
Do not take this warning lightly; it’s as serious as it gets. Bear in mind that such a backdoor, embedded into your Apple Mac, brings with it the ability to employ surveillance over weeks, months and even years. “The AMOS threat group already has a large infection base,” Moonlock warned, “and an active campaign underway.”
Source: New Apple macOS Backdoor Warning As Hackers Threaten 100 Million Users
