← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Atomic Stealer distributed to Mac users via fake browser updates
WHITE AlienVault 2023-11-22 Modified: 2023-12-22
6
IOCs
LOW VOLUME
MalwareBytes reports that Atomic Stealer (a.k.a. AMOS) is now being delivered to Mac users via a fake browser update chain tracked as ‘ClearFake’.
atomic stealeramosclearfakemacos
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Atomic Stealer
Indicators of Compromise (6)
All FileHash-SHA256 domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 4cb531bd83a1ebf4061c98f799cdc2922059aff1a49939d427054a556e89f464 2023-11-22
FileHash-SHA256 be634e786d5d01b91f46efd63e8d71f79b423bfb2d23459e5060a9532b4dcc7b 2023-11-22
domain chalomannoakhali.com 2023-11-22
domain jaminzaidad.com 2023-11-22
domain longlakeweb.com 2023-11-22
domain royaltrustrbc.com 2023-11-22
References (1)
↗ https://www.malwarebytes.com/blog/threat-intelligence/2023/11/atomic-stealer-distributed-to-mac-users-via-fake-browser-updates