Atomic Stealer (AMOS) has evolved from its traditional distribution via cracked software to a sophisticated supply chain attack targeting AI agentic workflows. Attackers are now embedding malicious instructions in SKILL.md files on platforms like OpenClaw to manipulate AI agents into acting as trusted intermediaries. By deceiving the AI into presenting fake setup requirements, the malware tricks users into manually facilitating the infection on macOS systems.
Technically, this variant uses Mach-O universal binaries and multi-key XOR encryption to evade detection while harvesting a broad range of sensitive data. It targets Apple and KeePass keychains, browser credentials, cryptocurrency wallets, and private messages. Although it lacks typical persistence mechanisms, its ability to exploit the trust between users and AI agents represents a significant shift in social engineering tactics within the cybersecurity landscape.
Top comments (1)
Some comments may only be visible to logged-in visitors. Sign in to view all comments.