Mac OS Compromised with Atomic Hack

https://www.bleepingcomputer.com/news/security/new-atomic-macos-info-stealing-malware-targets-50-crypto-wallets/

Here's the big section of the article:

Having done the above, Atomic proceeds to extract information from software that runs on the breached macOS machine, including the following:

  • Desktop cryptocurrency wallets: Electrum, Binance, Exodus, Atomic
  • Cryptocurrency wallet extensions: 50 extensions are targeted in total, including Trust Wallet, Exodus Web3 Wallet, Jaxx Liberty, Coinbase, Guarda, TronLink, Trezor Password Manager, Metamask, Yoroi, and BinanceChain.
  • Web browser data: auto-fills, passwords, cookies, and credit cards from Google Chrome, Mozilla Firefox, Microsoft Edge, Yandex, Opera, and Vivaldi.
  • System information: Model name, hardware UUID, RAM size, core count, serial number, and others.

Atomic also gives operators the capability to steal files directly from the victim's 'Desktop' and 'Documents' directories.

However, the malware must request permission to access these files, which creates an opportunity for victims to realize the malicious activity.

45 thoughts on “Mac OS Compromised with Atomic Hack”

  1. Happily I am a poor peasant that can’t afford a Mac, so this problem doesn’t concern me.

  2. I think I remember there were warnings about this ecosystem but like a degen I did not pay attention.

  3. This Atomic hack is no joke… With Ledger people just got annoyed but now people lost lots of money.

  4. People say Macs don’t get viruses 🤣 this is a fucking crazy expensive virus. I’m not surprised but it is absolutely shocking.

    How can we even expect to move forward when it’s this unsafe? When the govt comes in to ‘protect’ us they’ll fuck us even worse.

    Edit: I know Macs not getting viruses is a misconception, not my opinion, just a public falsity

  5. So this Atomic hack isn’t the exploit from Atomic wallet, but a separate malware named Atomic?

    Is it a coincidence? 👀

  6. >However, the malware must request permission to access these files, which creates an opportunity for victims to realize the malicious activity.

    This really got me almost worried until this point. This means macOS is actually working exactly as expected and the app must ask for permissions to read the victim’s files.

    Also I wonder how the passwords are extracted: Keychain stores them encrypted by secure standards, so this must also have been done with either phishing (asking for your system pw) or bruteforcing weak user passwords.

  7. Got to be safe out here. Always revoke contracts when you’re finished, and make sure you double check what you’re accepting.

  8. My condolences, for everyone who got in this mess. This is exactly why crypto won’t go mainstream. Every month, there’s a huge hack on a popular wallet and general software etc…..
    It’s like playing musical chairs to avoid getting rekt.

  9. I’ve heard some used it on a PC they rarely turn on. If it’s not connected to the internet or even on and they used Atomic Wallet, it would seem the hole is with Atomic Wallet code.

    Some hadn’t even used Atomic Wallet for some time. It’s such a mix of info, some with really low karma and newish but still a lot with old accounts, so we know there’s fire somewhere.

  10. This seems unrelated. As per the article it affects macOS/desktop environment and the vector of attack is basically phishing. Also Atomic is the name of the malware package and can affect the Atomic wallet but it’s unrelated to the current Atomic Wallet hack. If it were related to this we would be seeing reports about lots of other non Atomic wallets being compromised, so the current hack seems to be specific to Atomic Wallet.

  11. You need to give the software installed (a DMG) your system password for it to do anything.

    Don’t install DMGs from random websites. Or EXEs. Or MSIs.

    Your computer is as secure as you want it to be, the OS doesn’t really matter.

  12. So many hacks and scammers. I’m feeling privileged to not be a victim of any so far.

    For those who got hurt by them, hope it never happens again. Hackers and scammers deserve a place in hell.

    Everything is getting hacked lately, horrible for the whole community and a good bye kiss for mass adoption.

  13. The list is literally of the most popular wallets out there:

    >Desktop cryptocurrency wallets: Electrum, Binance, Exodus, Atomic
    >
    >Cryptocurrency wallet extensions: 50 extensions are targeted in total, including Trust Wallet, Exodus Web3 Wallet, Jaxx Liberty, Coinbase, Guarda, TronLink, Trezor Password Manager, Metamask, Yoroi, and BinanceChain.

    My man…

  14. I read the article. Just a heads up, this has nothing to do with the Atomic Wallet or just crypto in specific. This is a general attack on macOS using a malware that requires distribution, and user authentication.

    Browser/Desktop wallets are hot wallets and are susceptible in general, don’t store bank/credit card passwords in keychains, protect your Apple/Google accounts with hardware keys. Stay safe out there.

    The article describes a Victim Management System, a software to keep track of victims. That’s so bizarre, almost like an episode from Black Mirror.

  15. This is stupid. The same way it was stupid for Safemoon and MyAlgo. Web 2.0 (regular internet and browser stuff) should never be mixed with blockchain and crypto. Look at the crisis of data we have now where companies that hold our private sensitive data being hacked is basically an inevitability no matter how large and sophisticated the company.

    When you mix blockchain with web2.0 you are giving hackers the ability to instantly obtain all users’ financial information and be able to drain them completely with no safeguards, because at some point seed, private/public key and/or mnemonic data needs to be sent which can and will be intercepted by hackers. Atomic allegedly stores private keys centrally, but there should have been no reason for them to have users’ private keys in the first place.

  16. Hoping for an all out battle between the global banking syndicate and crypto, got a secret war instead.

  17. Unless I’m misunderstanding the article, this is an application that you must download and run, then give your system password to, and then explicitly allow to access all of your files. In what way was anything compromised?

  18. I feel like this is probably a bigger deal than the main atomic hack. Stay safe everyone

  19. Well there goes my idea of using Mac OS for all crypto-related transactions. Next up, ChromeOS that has never had a hack, virus, or trojan? Maybe a cheap Chromebook that I only use for crypto?

    /r/chromeos/comments/wm7ieb/am_i_correct_in_understanding_that_chromebooks/

  20. This isn’t a Mac issue though, this is a common sense one. The OS seems to be working as intended, people need to give permissions despite multiple and clear warnings.

  21. It’s such a sad world we live in. We’re all stuck on this planet and we should do everything we can to help one another. Not hurt one another. I hope these fuckers get caught and fucking burn in hell.

  22. My heartfelt and deepest condolences for those who got into this trouble. Every week/month there’s a huge malware attack on popular wallets and general applications and so on….

  23. I don’t think this is it for one very important reason. My personal affected wallets were on iOS, not macOS. Also the wallets that were affected have been dormant for the better part of a year without updating or any of that nature. Still on a very old version of Atomic.

    So while this did happen at the same time, I don’t think this is what happened.
