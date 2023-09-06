This year we’ve seen a powerful new malware launch called Atomic macOS Stealer (AMOS) that specifically targets Apple users. Now in the latest development, AMOS has been found in malicious ads for Google searches. Here’s how to avoid this threat and help others do the same.

The latest instance of the Atomic macOS Stealer was spotted by researchers at Malwarebytes in what is considered a “malvertising campaign.”

Malwarebytes notes that the majority of these recent malicious campaigns have targeted Windows, but the new Atomic Stealer stands out as being able to target both Windows and Mac.

As a quick refresher, once a Mac is infected with AMOS, it can steal iCloud Keychain passwords, credit card information, files, crypto wallets, and more (read more details in our previous coverage).

Here’s how the new malvertising campaign works to compromise Macs:

Malicious ads for Google searches target Mac users

Phishing sites trick victims into downloading what they believe is the app they want

The malware is bundled in an ad-hoc signed app so it cannot be revoked by Apple

The payload is a new version of the recent Atomic Stealer for OSX (macOS)

To get around Google’s ad quality checks, Malwarebytes believes threat actors are using compromised ad accounts to buy the ads that lead to phishing sites.

For a detailed look at the mechanics of this malvertising campaign, check out the full post from Malwarebytes.

How to protect against Atomic macOS Stealer

The good news is this specific attack is very preventable…

Don’t download software from untrusted or unknown sources

Be wary if an app asks you to bypass macOS GateKeeper protections

If you do want to download an app outside Apple’s Mac App Store, check when the website was created

How to check your Mac for malware

If you want to do a checkup on your Mac to make sure there’s no malware or adware, Malwarebytes offers a free app (for individuals) to find and remove it.

More options include CleanMyMac X, Norton, and McAfee. Read more tips in our full guide on: