A SOC Team’s Guide to Detecting macOS Atomic Stealers

NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY:

This article analyses the Atomic infostealer malware family, which has targeted macOS users throughout 2024. It covers the evolving variants, such as Amos, Banshee, Cthulu, Poseidon, and RodrigoStealer, developed and distributed by competing threat actor groups. Distribution has expanded beyond consumer lures to spoofed enterprise applications, which raises the risk to organisations. The article examines the characteristics, obfuscation techniques, and runtime behaviours of the different variants to support detection and triage.

OPENCTI LABELS:

malware,macos,infostealer,obfuscation,crimeware,poseidon,rodrigostealer,cthulu,amos atomic,banshee
