Earn up to 50% APR
Boost earnings with NFTs
Play, HODL & earn more
[WARNING] AMOS Malware Just Got a Major Upgrade – Now With Full Remote Access Capabilities
-
Hey everyone,
Just a heads-up about something nasty floating around — AMOS (a.k.a. Atomic macOS Stealer) just leveled up big time. Originally it was mainly grabbing crypto wallets and passwords, but now it’s got a remote access module that basically lets attackers take over your system like it’s their own. Yup, full control — even after a reboot.Researcher g0njxa broke down the latest version, and here’s what it can do now:
Executes attacker commands directly on your machine
Hides from analysis in virtual machines/sandboxes
Auto-launches every time your Mac boots up
Drops hidden .helper and .agent files, launched via LaunchDaemon with system-level privileges 
That means the attackers can:
— Install even more malware
— Log your keystrokes
— Pivot deeper into your networkAMOS has been around since at least 2023, but it started off spreading through cracked apps. Now it’s being used in targeted phishing attacks, especially against freelancers and crypto holders. Victims are getting fake job offers or collab requests with weaponized attachments.
The latest wave has already hit users in 120+ countries, including the US, Canada, UK, Italy, France, and more.TL;DR: If you’re getting random "job offers" with attachments or are working in crypto/web3 — be very careful right now. And maybe audit your LaunchDaemons while you’re at it.
Stay safe out there.
#crypto #coin #cryptocurrency #AMOS@lingriiddd
This is why I always sandbox everything before opening attachments. These phishing campaigns are getting too realistic. -
Hey everyone,
Just a heads-up about something nasty floating around — AMOS (a.k.a. Atomic macOS Stealer) just leveled up big time. Originally it was mainly grabbing crypto wallets and passwords, but now it’s got a remote access module that basically lets attackers take over your system like it’s their own. Yup, full control — even after a reboot.Researcher g0njxa broke down the latest version, and here’s what it can do now:
Executes attacker commands directly on your machine
Hides from analysis in virtual machines/sandboxes
Auto-launches every time your Mac boots up
Drops hidden .helper and .agent files, launched via LaunchDaemon with system-level privileges That means the attackers can:
— Install even more malware
— Log your keystrokes
— Pivot deeper into your networkAMOS has been around since at least 2023, but it started off spreading through cracked apps. Now it’s being used in targeted phishing attacks, especially against freelancers and crypto holders. Victims are getting fake job offers or collab requests with weaponized attachments.
The latest wave has already hit users in 120+ countries, including the US, Canada, UK, Italy, France, and more.TL;DR: If you’re getting random "job offers" with attachments or are working in crypto/web3 — be very careful right now. And maybe audit your LaunchDaemons while you’re at it.
Stay safe out there.
#crypto #coin #cryptocurrency #AMOS@lingriiddd
Appreciate the details — hadn’t heard about the .helper and .agent files. Will definitely check for those. Crypto people really need to stay paranoid lately. -
@lingriiddd
This is why I always sandbox everything before opening attachments. These phishing campaigns are getting too realistic. -
Urgent Warning for Mac Users! "AMOS" malware can now do more than just steal crypto - it can take FULL CONTROL of your Mac!
Avoid phishing emails/job offers
Don't download cracked software
Check your LaunchDaemons (/Library/LaunchDaemons/)
Keep antivirus updated#MacUsers Beware! Share this post to spread awareness.
Stay Safe, Stay Alert!
[Source: g0njxa research + cybersecurity experts]
Tag your Mac-using friends in comments!
Pro Tip: Enable two-factor authentication (2FA) for extra security! -
Can’t believe how fast malware like AMOS evolves. Remote access even after reboot? That’s next level terrifying.
-
Hey everyone,
Just a heads-up about something nasty floating around — AMOS (a.k.a. Atomic macOS Stealer) just leveled up big time. Originally it was mainly grabbing crypto wallets and passwords, but now it’s got a remote access module that basically lets attackers take over your system like it’s their own. Yup, full control — even after a reboot.Researcher g0njxa broke down the latest version, and here’s what it can do now:
Executes attacker commands directly on your machine
Hides from analysis in virtual machines/sandboxes
Auto-launches every time your Mac boots up
Drops hidden .helper and .agent files, launched via LaunchDaemon with system-level privileges That means the attackers can:
— Install even more malware
— Log your keystrokes
— Pivot deeper into your networkAMOS has been around since at least 2023, but it started off spreading through cracked apps. Now it’s being used in targeted phishing attacks, especially against freelancers and crypto holders. Victims are getting fake job offers or collab requests with weaponized attachments.
The latest wave has already hit users in 120+ countries, including the US, Canada, UK, Italy, France, and more.TL;DR: If you’re getting random "job offers" with attachments or are working in crypto/web3 — be very careful right now. And maybe audit your LaunchDaemons while you’re at it.
Stay safe out there.
#crypto #coin #cryptocurrency #AMOS@lingriiddd Auditing LaunchDaemons and checking for suspicious .helper or .agent files is a must right now. The fact that AMOS can bypass sandbox detection shows how advanced it’s become. Mac users really need to stay extra cautious these days
-
Thanks for sharing this important update. It’s scary how these fake job offers are now being used to target freelancers and crypto users. If something feels off, don’t open the file — report and delete it right away. Better to stay safe than sorry!
Vegan zombies have it rough these days 
️ Mac Alert! "AMOS" malware can now fully control your Mac 
Avoid suspicious emails/job offers