Wednesday, April 2, 2025

Sophos warns that the AMOS infostealer targets sensitive data on macOS devices, specifically stealing cookies, passwords, and autofill information.

The notion that macOS is less susceptible to malware than Windows has long persisted, possibly because the operating system has a smaller market share and has its own security features that force malware developers to take a different approach. The assumption was that unconventional attacks and malware were the primary concerns. That assumption is now finally obsolete.

Malware targeting mainstream operating systems, including macOS, is now a regular occurrence, although the extent of these attacks may not yet match that on Windows-based devices. Infostealers are a prime example: according to Sophos telemetry analytics, they account for more than 50 percent of all macOS anomalies over the past six months, with Atomic macOS Stealer (AMOS) being one of the most prevalent families.

The latest version of AMOS is advertised and sold on public Telegram channels. In May 2023 it still cost around 900 euros per month; by May 2024 the price was already 2,715 euros. AMOS is not the only macOS infostealer on the market; others such as MetaStealer, KeySteal, and CherryPie exist, but AMOS remains the most prominent. Sophos has compiled a comprehensive brief on the effects and modus operandi of AMOS to support defense against it.

One potential driving force behind this announcement is the European Union's Digital Markets Act (DMA), which requires Apple to make alternative app marketplaces available to EU-based iPhone users as of iOS 17.4, addressing concerns about competition and innovation in the digital marketplace. Developers will also be allowed to distribute apps directly from their websites, which may mean that malicious actors seeking to spread iOS versions of AMOS could employ the same malvertising techniques currently used to target macOS users.

  • Users should install software only from reputable sources on every device. Particular caution is warranted when encountering pop-ups requesting passwords or elevated privileges.
  • None of the stealers identified by Sophos X-Ops were distributed through official Apple channels, and none had been cryptographically verified by Apple. When software requests sensitive information like passwords or unauthorized access, alarm bells should start ringing, especially with third-party applications.
  • Typically, browsers store encrypted autofill data and the corresponding key at a specific location. On a malware-infected system, both can easily be retrieved. Encryption based on a passphrase or biometric data can safeguard against this type of attack.

A detailed description of the procedure accompanied by numerous screenshots is provided in the.
