
Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer
Atomic Stealer (AMOS) has evolved from its traditional distribution via cracked software to a sophisticated supply chain attack targeting agentic AI workflows. Attackers are now embedding malicious instructions in SKILL.md files on platforms like OpenClaw to manipulate AI agents into acting as trusted intermediaries. By deceiving the AI into presenting fake setup requirements, the malware tricks users into manually facilitating the infection on macOS systems. Technically, this variant uses Mach-O universal binaries and multi-key XOR encryption to evade detection while harvesting a broad range of sensitive data. It targets Apple and KeePass keychains, browser credentials, cryptocurrency wallets, and private messages. Although it lacks typical persistence mechanisms, its ability to exploit the trust between users and AI agents represents a significant shift in social engineering tactics within the cybersecurity landscape.


