Atomic Stealer (AMOS) has evolved from distribution through cracked macOS software to supply chain attacks targeting AI agentic workflows. By abusing agent platforms such as OpenClaw and uploading malicious SKILL.md files to skill repositories such as ClawHub and SkillsMP, threat actors turn the AI agent into a trusted intermediary that relays fake setup requirements to unsuspecting users.
This variant of AMOS relies on deceptive human-in-the-loop tactics: pop-up dialog boxes that trick users into typing their system password themselves, which hands the stealer the credential it needs to read the keychain without exploiting anything. Although it has no persistence mechanism, the malware still exfiltrates sensitive data, including the Apple Keychain, KeePass databases, cryptocurrency wallets and assorted documents. It uses a multi-key XOR scheme to obfuscate its internal strings and its communications; this hides them from static inspection, but XOR with repeating keys is trivially reversible once the keys are recovered from the sample.
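The decoder below is an added example, not code from AMOS or from any analysis of it: it shows the kind of script an analyst writes after dumping a sample's key array and obfuscated string table, where each string is XORed with one of several short keys. The keys, the three ciphertexts and the plaintexts ("Exodus", "KeePass", "/Library") are constructed for illustration and were XORed by hand; nothing here is taken from the real malware.

```python
"""Multi-key (repeating-key) XOR string decoder, added example, not AMOS code.
KEYS and STRING_TABLE are constructed stand-ins for data dumped from a sample."""
from typing import Dict, List, Optional, Tuple

# Constructed key array: each string is obfuscated with one of these keys,
# applied cyclically (repeating-key XOR).
KEYS: List[bytes] = [
    bytes([0x21, 0x42]),
    bytes([0x5A, 0xA5, 0x0F]),
]

# Constructed string table: (key index, ciphertext). Plaintexts are
# "Exodus" (key 0), "KeePass" (key 1) and "/Library" (key 0).
STRING_TABLE: List[Tuple[int, bytes]] = [
    (0, bytes.fromhex("643a4e265431")),
    (1, bytes.fromhex("11c06a0ac47c29")),
    (0, bytes.fromhex("0e0e48205323533b")),
]


def xor_repeating(data: bytes, key: bytes) -> bytes:
    """XOR data with key repeated cyclically. XOR is its own inverse, so the
    same routine both obfuscates and de-obfuscates."""
    if not key:
        raise ValueError("empty key")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def decode_table(table: List[Tuple[int, bytes]], keys: List[bytes]) -> List[str]:
    """Decode every entry using the key index stored beside it."""
    return [xor_repeating(ct, keys[idx]).decode("ascii") for idx, ct in table]


def looks_like_text(data: bytes) -> bool:
    """Cheap plausibility filter: printable ASCII plus tab/CR/LF only."""
    return len(data) > 0 and all(0x20 <= c < 0x7F or c in b"\t\r\n" for c in data)


def candidates(ct: bytes, keys: List[bytes]) -> Dict[int, bytes]:
    """When the key index is not stored with the blob (e.g. captured traffic),
    try every key and keep the decodings that look like text. More than one
    hit means the filter is too weak for that blob and needs manual review."""
    hits: Dict[int, bytes] = {}
    for idx, key in enumerate(keys):
        pt = xor_repeating(ct, key)
        if looks_like_text(pt):
            hits[idx] = pt
    return hits


def recover_key(ct: bytes, known_plaintext: bytes, key_len: int) -> Optional[bytes]:
    """Known-plaintext key recovery: repeating-key XOR leaks the whole key as
    soon as key_len plaintext bytes at a known offset (here offset 0) are known.
    Returns None if the known plaintext is too short to cover one key period."""
    if len(known_plaintext) < key_len or len(ct) < key_len:
        return None
    return bytes(ct[i] ^ known_plaintext[i] for i in range(key_len))


if __name__ == "__main__":
    for s in decode_table(STRING_TABLE, KEYS):
        print(s)
    print(candidates(STRING_TABLE[1][1], KEYS))
    # A single known string is enough to recover a key from a sample.
    print(recover_key(STRING_TABLE[1][1], b"KeePass", 3).hex())
```

The printability filter is deliberately simple; for real samples, ranking by English/URL character frequency or by known substrings (`http`, `/Library/`) is more robust when several keys produce printable output. The `recover_key` function is the practical point: because the scheme is XOR with short repeating keys rather than real encryption, any few bytes of known plaintext (a file path, a JSON field name in a beacon) give back the key directly.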