Atomic macOS Malware Gains Backdoor for Global Attacks

The Atomic macOS malware backdoor has undergone a significant upgrade, adding a persistent access mechanism that poses heightened risks to Apple users globally. Previously known for rapid data theft, the malware now includes a backdoor that allows attackers to maintain long-term control over infected systems, execute remote commands and evade detection.

Researchers at Moonlock, MacPaw’s security division, report that the upgraded stealer targets users in over 120 countries, with high infection rates in the U.S., U.K., France, Italy and Canada. This marks just the second known case of a global-scale macOS backdoor deployment. The Atomic macOS malware backdoor persists through LaunchDaemon processes and hidden files, mimicking tactics used by North Korean hackers.

Attackers spread the malware via cracked software sites and targeted phishing campaigns, especially against crypto holders. Security experts urge users to adopt strong anti-malware tools and avoid suspicious downloads.

Read the full report at

Atomic macOS Info-Stealer Upgraded With New Backdoor to Maintain Persistence