Hackers are going after macOS users with sneaky new malware
A fresh wave of cyberattacks is targeting macOS users with the Atomic macOS Stealer (AMOS) malware.
Attackers are getting creative—using fake Google ads, lookalike websites, cracked app pages, and even bogus ChatGPT/Grok links to trick people into pasting harmful commands into their Terminal.
This move lets them slip past Apple's built-in security.
How AMOS works—and why it matters
Once someone runs the malicious command, it secretly downloads scripts that pop up password requests and install both AMOS and a backdoor for remote access.
The malware then grabs everything from your Keychain passwords and browser logins to crypto wallet info, Telegram data, Wi-Fi credentials, and personal docs.
Security experts warn that AMOS is now sold as "Malware-as-a-Service," making these attacks more common in 2025—even though many think Macs are safer than Windows PCs.
Stay sharp before entering commands you find online!