A SOC Team’s Guide to Detecting macOS Atomic Stealers
released on 2024-09-13 @ 08:59:24 AM
This article provides an analysis of the Atomic Infostealer malware family, which has been targeting macOS users throughout 2024. It discusses the various evolving variants, such as Amos, Banshee, Cthulu, Poseidon, and RodrigoStealer, developed and distributed by competing threat actor groups. The malware's distribution methods have expanded to spoof enterprise applications, making it more concerning. The article examines the characteristics, obfuscation techniques, and behaviors of different variants to aid in detection and triage.