Earn up to 50% APR
Boost earnings with NFTs
Play, HODL & earn more
[WARNING] AMOS Malware Just Got a Major Upgrade – Now With Full Remote Access Capabilities
-
Hey everyone,
Just a heads-up about something nasty floating around — AMOS (a.k.a. Atomic macOS Stealer) just leveled up big time. Originally it was mainly grabbing crypto wallets and passwords, but now it’s got a remote access module that basically lets attackers take over your system like it’s their own. Yup, full control — even after a reboot.Researcher g0njxa broke down the latest version, and here’s what it can do now:
Executes attacker commands directly on your machine
Hides from analysis in virtual machines/sandboxes
Auto-launches every time your Mac boots up
Drops hidden .helper and .agent files, launched via LaunchDaemon with system-level privileges 
That means the attackers can:
— Install even more malware
— Log your keystrokes
— Pivot deeper into your networkAMOS has been around since at least 2023, but it started off spreading through cracked apps. Now it’s being used in targeted phishing attacks, especially against freelancers and crypto holders. Victims are getting fake job offers or collab requests with weaponized attachments.
The latest wave has already hit users in 120+ countries, including the US, Canada, UK, Italy, France, and more.TL;DR: If you’re getting random "job offers" with attachments or are working in crypto/web3 — be very careful right now. And maybe audit your LaunchDaemons while you’re at it.
Stay safe out there.
#crypto #coin #cryptocurrency #AMOS@lingriiddd Auditing LaunchDaemons and checking for suspicious .helper or .agent files is a must right now. The fact that AMOS can bypass sandbox detection shows how advanced it’s become. Mac users really need to stay extra cautious these days
-
Thanks for sharing this important update. It’s scary how these fake job offers are now being used to target freelancers and crypto users. If something feels off, don’t open the file — report and delete it right away. Better to stay safe than sorry!
-
Wow, this AMOS update is scary. Thanks for the heads-up—really need to double-check my Mac's security settings now.
-
Appreciate the reminder to stay vigilant. These attackers are ruthless, and we have to protect ourselves.
-
@Dave
I wish more people took these warnings seriously. Prevention is much easier than dealing with an infected system.@Smith
Big thanks to researchers like g0njxa who help us understand threats like this. -
Crypto and macOS users need to be on high alert. These phishing tactics are getting too real.
-
Appreciate this info! It’s crazy how these attackers keep finding new ways to exploit users, especially in the crypto space.
-
I checked my system and luckily everything’s clean, but still feeling uneasy about those fake job DMs.
