New macOS malware steals credit card info in Chrome — do this before you're next
It's called 'Atomic' for a good reason
A new spine-tingling malware is on the loose, and no, it's not lurking in Windows nor Google Play this time — it's targeting macOS. According to BleepingComputer, it's aptly called "Atomic" — and it's being sold to cybercriminals in the shadiest corners of the web for $1,000 a month.
With this ill-intentioned subscription, malicious actors get an easy-to-use victim management UI that lets them snag highly sensitive information, including keychain passwords, cookies, files from local systems, and other data that could potentially leave victims in a serious pickle.
What can Atomic do?
As mentioned, Atomic is an information-stealing malware, but to make matters worse, it can leave its quarries much poorer, too. Cybercriminals who purchase Atomic get a DMG file that contains a 64-bit Go-based malicious software that can snatch credit card information lurking in browsers. This includes Google Chrome, Microsoft Edge, Mozilla Firefox, Yandex, Opera, and Vivaldi.
How does it do it? Well, once Atomic finds its way into a victim's Mac, it can display a bogus password window, prompting users to type in their system passwords. Consequently, attackers can gain access to the quarry's macOS machine and wreak havoc.
Adding salt to the wound, cryptocurrency holders are particularly at risk. This macOS malware is designed to target more than 50 popular cryptocurrency extensions, including Metamask and Coinbase.
Unfortunately, Atomic can fly under the radar. Only one out of 59 anti-virus scanners flagged the malevolent software.
How to dodge Atomic macOS malware
Fortunately, you won't find Atomic lurking inside any official macOS services. It's up to the malicious buyers to distribute Atomic via phishing emails, laced torrents and social media posts. Some even leverage the power of black SEO to target Google searchers, baiting them to download infected applications masquerading as legitimate software.
Stay in the know with Laptop Mag
Get our in-depth reviews, helpful tips, great deals, and the biggest news stories delivered to your inbox.
If you're a cryptocurrency holder, take a look at our best crypto hardware wallets page to protect yourself from digital-asset thieves. I'd advise against using software wallets; your precious virtual currencies are too exposed.
We'd also suggest removing your credit-card information from Google Chrome by navigating to Settings > Autofill > Payment Methods. Tap on the three-dotted icons next to your credit cards and click on "Turn off virtual card." To take it one step further, go to pay.google.com, go to Payment Methods and click "Remove" next to your credit cards.
Kimberly Gedeon, holding a Master's degree in International Journalism, launched her career as a journalist for MadameNoire's business beat in 2013. She loved translating stuffy stories about the economy, personal finance and investing into digestible, easy-to-understand, entertaining stories for young women of color. During her time on the business beat, she discovered her passion for tech as she dove into articles about tech entrepreneurship, the Consumer Electronics Show (CES) and the latest tablets. After eight years of freelancing, dabbling in a myriad of beats, she's finally found a home at Laptop Mag that accepts her as the crypto-addicted, virtual reality-loving, investing-focused, tech-fascinated nerd she is. Woot!