Atomic macOS Stealer Malware Can Steal Keychain Info, Files, Browser Wallets and More

[ikramerica]

You can’t use biometric on MacOS because Apple won’t let you. Touch ID, watch unlock, etc work for a while then MacOS decides it’s been too long since the last time you entered your password and prompts that a password is REQUIRED to enable touch ID. Which makes it a convenience, not security.

 

[0924487]

malware is "malicious software". No, that is not legal.

Nope, malware is only malware when it’s being used maliciously, before that, it’s called an exploit, but unless you are STEM inclined, you wouldn’t know what that means. So, malware it is.

I can write you a piece of malware in 30 seconds. It can do a lot of damage if you deploy it to your local public school.

 

[trusso]

hey y’all, I just want to hijack this thread and say that I can’t wait for sideloading on iOS because you can put whatever you want on your Mac.
/s

Found the strawman.

 

[0924487]

not when u make a business out of it, i don't believe it is

Selling your packaged read to go malware is common practice and expected. It’s in a legal grey area, but happens on the dark web all the time. Companies may sue you for IP infringement or DMCA, but before malware is deployed maliciously, it’s not a criminal offence. That’s why companies offer millions as bounties to buy off the researchers.

FBI, NSA and other private hacking consulting firms buy exploits all the time.

 

[PineappleCake]

I

MacOS only has 7% global marketshare anyway.

if macos is great then why does only 7% of users use it

 

[Unregistered 4U]

I agree that opening it up to other sellers will increase the opportunity for more malware installations. Anyone overly concerned about this can keep getting their apps from the one and only source where they feel secure.

The point is that there are people who DON’T know better using iOS devices and, today, it doesn’t even matter. While they can still visit malicious websites and even accept malicious calls, they can’t download software that takes over their iOS device. With the proposed changes, hundreds of millions of folks will be open to a new vectors of attack, just by updating to the latest OS. And, the trillions of dollars will continue to climb!

Now where's the study on the economic cost of having only a single seller of anything for many years vs. savings of competition?

Just speaking to the reality. Malware WILL increase, millions currently safe from it (or, at the most, only exposed via the App Store) on particular devices will be exposed and exploited, horribly so. And it won’t be a matter of having someone look at a list of clearly defined subscriptions and turning them off.

Some feel that the benefits are worth giving a big helping hand to the Malware makers, and I suppose it’s good that there are folks that will stand up for those malicious actors!
#MalwareForiOS!

 

[Unregistered 4U]

2. if this aint signed with a dev certificate, its quite hard to run unsigned software on macOS so you have to be an absolute imbecyle to somehow start this piece of crap

No, it’s not. In fact, you can talk someone through doing it. And if YOU can talk someone through doing it, anyone working in the myriad number of call centers can talk them through doing it.

 

[burgman]

No, how long have Macs been around? And how long have Mac users been able to get their apps from any source? And how devastating has that flexility been for the majority of Mac people?

Yes, there are cases but relatively few and far between. The App Store is not immune either- occasionally a nefarious app gets through and affects users who downloaded that app. Windows runs on far more computers and has far more viruses/trojans/malware (and far more bad guys trying their best to do this kind of thing there) and yet there are not really that many cases where someone's life is destroyed even in that Windows world due to this sort of thing.

We don't need "security" to scare the masses into embracing a monopoly scenario of buying from one and only one source. No consumer wins when all competition for their business is reduced down to a single seller. I cannot recall any situation in all of history where a single seller does not exploit their exclusive position... until competition shows up and drives down pricing for the same products or services.

Consumers simply need to be smart and make good decisions about who they trust. Will even the smart ones get that wrong sometimes? YES. Does even Apple let a bad app in the App store sometimes? YES.

But no need to cede competitive marketplaces to single sellers out of this type of fear. Anyone that afraid can already embrace getting their apps from the divine, one and only. Everyone else should prefer to hang on to the great power of consumer flexility to shop around and choose for themselves vs. trust one- and only one- seller. There is no consumer win in that scenario... only an illusion of one... much like the illusion that the whole world will be destroyed once people can choose to get apps for their iDevices from sources other than Apple. We've had periods where that has been possible too (jailbreaking) and there was never any story where all who dared buy elsewhere suffered devastation, fire & brimstone.

Again, anyone too afraid to shop from other stores, won't have to do so. They can maintain their illusion of security by continuing to buy from only Apple. However, others may prefer some genuine Capitalism competition, the concept of more of the money we pay potentially reaching those who create what we buy, AND the flexibility to have apps that Apple refuses to allow for any old reason (not always an actual good reason).

IMO: just as we are with Mac apps, we will be better off when there is more than one seller of iDevice apps. And just as we experience with our Macs, the odds in the impending doom & destruction spun by that potential seems farrrrrrrrr overblown. We already know this because our Macs are loaded with the same keychain, the same private information, etc. We simply pretend that it will be different with iDevices for some reason. Why? Mostly because Apple says so. Why? Because there is a LOT of easy revenue in Apple's cut of every single sale in the one and only iDevice store. No exclusive seller of anything EVER wants competition... and will say & do ANYTHING to try to maintain their lock on that easy money.

And yet this article, and many more about Mac, Windows, and IOS malware shows the fallacy of your trigger word laden rant. Not everyone wears a cape of delusional invincibility of having the time or skills to analyze hundreds or thousands lines of code just to see if an app or file is safe. Trust in someone else is required.

 

[HobeSoundDarryl]

The point is that there are people who DON’T know better using iOS devices and, today, it doesn’t even matter. While they can still visit malicious websites and even accept malicious calls, they can’t download software that takes over their iOS device. With the proposed changes, hundreds of millions of folks will be open to a new vectors of attack, just by updating to the latest OS. And, the trillions of dollars will continue to climb!


Just speaking to the reality. Malware WILL increase, millions currently safe from it (or, at the most, only exposed via the App Store) on particular devices will be exposed and exploited, horribly so. And it won’t be a matter of having someone look at a list of clearly defined subscriptions and turning them off.

Some feel that the benefits are worth giving a big helping hand to the Malware makers, and I suppose it’s good that there are folks that will stand up for those malicious actors!
#MalwareForiOS!

OK, again, some GOVs are forcing the issue just like USB-C. So before the world is destroyed by adopting this terrible change dooming us all, slower moving countries will get the great benefit of observing the devastation of select countries who go there first.

After witnessing their utter demise as nations, smarter countries may opt to not destroy themselves too by leaving things as is.

Bottom line: no worries except for those poor innocents with iDevices in those countries with leaders who are forcing this first. We can all cry and pray for those doomed souls that even mighty Apple could not save due to foolish elected officials trying to force a basic concept of Capitalism that generally is crucial to most favorably managing the consumer end of all transactions.

I already weep for those poor millions myself.

 

[blazerunner]

I

if macos is great then why does only 7% of users use it

One of life's great mysteries.

 

[svish]

Always good to install apps from the Mac App store or from a trusted software developer/website.

 

[purplerainpurplerain]

Does this app require one to authenticate in order to install it?

If so, duh.

Means little in this context.

The people who made this malware are specifically targeting crypto wallets. They know that crypto people are easy targets for social engineering attacks.

They know that most crypto people want everything for free. They want software for free and will authenticate pirate apps. They want money for free and will try to recruit new people into pyramid schemes and pump n dumps.

They will spam all social media with links to their malware and as long as 3% of people click the link and install the app then it is considered profitable attack.

They also pretend to be tech support and make users download and authenticate the malware.

 

[purplerainpurplerain]

I can’t think of anything i’ve ever gotten from the App Store.

Let’s see why…

Even adobe isn’t on the App Store. Nor are things like VLC, superduper, emulators,

Yes Adobe is on there.

bit torrent clients.

The perfect target for social engineering attacks.

 

[verm]

Should one be wary if using a password manager browser extension? And is is safe to use homebrew to install apps outside of the App Store? Thanks in advance.

 

[hans1972]

Use a little common sense and download things straight from the developer, and don't try to install cracked stuff off of shady websites.

But that's what good about the iOS security model. I don't have to use common sense and I don't have to vet websites.
And even if Apple's vetting is wrong, they can stop the app from working on all devices as soon as they find out.

I want to do as little security thinking as possible when I use computers.

 

[hans1972]

You don't need to only install things from the App Store, you just need to use common sense. Installing things from random sources that you have no idea how to verify their legitimacy has been a bad thing since the dawn of malware.

With the iOS security model, you don't need to use common sense. And there is only one source for software so you don't need to verify each vendor.

 

[Choco Taco]

With the iOS security model, you don't need to use common sense. And there is only one source for software so you don't need to verify each vendor.

This thread is about macOS.

 

[SpotOnT]

That's ok, MacOS only has 7% global marketshare anyway. Eventhough it's a great OS and Apple's best product, for some stupid reason people flock to iPhones instead.

That is because most people don’t need to actually produce anything, they just need to consume content.

 

[SpotOnT]

So is I have used Little Snitch to alert me anytime anything wants to communicate w the web, I got it made, right?

If you aren’t installing unknown applications from disc images (.dmg) you got it made.

 

[SpotOnT]

No, how long have Macs been around? And how long have Mac users been able to get their apps from any source? And how devastating has that flexility been for the majority of Mac people?

Ok, see, you are assuming iOS users are as smart as macOS users…..

 

[swm]

i hope it is obvious to everyone, that it cannot get neither wallet nor keychain information, unless you type in your password at its fake prompt.

 

[cmcbhi]

Is the seller going to get arrested ? I hope he does.

Why should he be arrested. hey are only doing what he EUgo Union wants.
You wanna side load?
Are you that lacking in intelligence?

 

[Stiksi]

You’ve got it MORE made if you just don’t
download random .dmg files from the internet,
open those .dmg files,
execute the application IN those .dmg files and
then, when asked for a password, actually supply it.

Don’t do that (and don’t let anyone use your login) and you don’t have anything to be concerned about from this particular thing.

No one is downloading random dmg files, that’s not how it works. It will look like a totally reputable app and it would take a little bit of work to find out that it’s a trojan. That’s why people get fooled, not because you are somehow a superior being but because it looks like the real thing.

 

[Unregistered 4U]

No one is downloading random dmg files, that’s not how it works. It will look like a totally reputable app and it would take a little bit of work to find out that it’s a trojan. That’s why people get fooled, not because you are somehow a superior being but because it looks like the real thing.

It IS a random dmg file. The fact that it LOOKS like a totally reputable app doesn’t change the fact that it’s a random dmg file. A totally reputable app would come from a reputable company and would most likely be distributed by that reputable company via their reputable website.

Anything else, regardless of how reputable it looks, is a random dmg file.

 

[MikeMo]

Aren't the keychain passwords crypto-graphed?

What's the point of finger auth and typing a password if a stealer can steal the file with all the passwords????

You might note that Keychain isn’t in the list. Neither is Safari. Maybe the malware doesn’t work on them.