"Atomic Infostealer" Malware

Any thoughts on this?

What is good malware to detect and eliminate it?

Malwarebytes

2 Likes

As you have to actively install this, just be careful - paranoid even - about opening downloaded dmg files.

1 Like

I wonder if the recent Rapid Security Response addresses this threat.

That said, the simple solution is always to avoid falling for this: “When the malicious DMG file is executed, the malware displays a fake window for entering the system password…”

I have made an inviolable habit of never executing anything I have not initiated. Additionally, if I receive an email or text message about any of my apps, services, or accounts, I never execute anything from those emails or texts. Instead, I go to the site/service/app to check things out.

1 Like

I changed my iPhone passcode to a long alphanumeric and now Apple prompts me quite often out of the blue to “Confirm my passcode to continue using iCloud.” Apparently this is not malware but it also is not in response to any action that I have initiated. Can anyone confirm this behavior?

I’m not experiencing this but I’m using a 6 digit passcode.

I have the same experience too.

1 Like

Thanks for the data point. Yours is a good policy and Apple used to behave in a way consistent with it.

Now, Apple popping up random password requests violates everything we thought we knew about phishing and other malware. I blame too many old hands leaving Apple and too many wet-behind-the-ears programmers showing up to work. </rant off>

I feel like everyone just forgot about basic security practices. Like, don’t download and run anything if you don’t actually know what it is. Also, don’t enter your admin password if you didn’t explicitly do something that you know requires it.

If you download junk, and then give it your admin password, don’t be surprised when it takes all your stuff.

5 Likes

Yeah, we knew that but now Apple apparently is sending random iCloud password prompts. How is anyone to know what’s kosher and what isn’t?

EDIT: And how long before nefarious apps start popping up similar prompts with a field for us to enter the keys to the kingdom? APPLE HAS LOST THEIR WAY!

I think the weakest link in many situations is human behavior engineering and phishing.

I am very cautious about what attachments I open. But I also run a business and get emails from all sorts of clients/customers - many of whom are not as savvy about security techniques.

I have had times when I almost deleted something because it appeared it could be a malware email, yet I opened it and it turned out to be an important document from a vendor or client.

This can be a tough balancing act.

2 Likes

One practice I’ve found helpful when I get emails or texts with links is copying them into Drafts and then examining them. I’ve discovered nefarious links this way in sophisticated and convincing phishing attempts. I almost fell for one until I checked the links. In other instances, I confirmed that the email/text was legit and safe. I also examine the from address carefully.

3 Likes

This is not an e-mail or a text. This is a prompt that pops up on the iPhone, or sometimes prompted within the Settings app on the iPhone, to “Confirm passcode to continue using iCloud.” It started after I “upgraded” my iPhone passcode.

I recently did the same and haven’t had any issues with being prompted for the passcode. I think the iPhone passcode is used to encrypt iCloud keychain (among other things probably). It sounds like the Mac is trying to decrypt something using the old passcode, failing, then prompting you for the new one (but not then saving the new one once you’ve entered it).

I don’t want to suggest the dreaded log-out-and-back-in to iCloud on the Mac, but I wonder if toggling Keychain off and on again under iCloud settings may help?

Edit: I see from another reply that it’s actually your iPhone prompting you, not your Mac. I still suspect the same issue though, just with the iPhone.

You may be right but I hate the dire messages I get when I begin the process to log out of iCloud!

Yes completely agreed. Particularly when doing it on a Mac, the anxiety waiting to see whether iCloud Drive etc. will be working properly when you log back in is awful!

Sadly with Apple software nowadays I regularly have to weigh up how annoying a glitch is versus the potential breakage that might be caused by trying to fix it. I accept slightly broken as the new default.

2 Likes

I noticed that I have the iCloud Password and Keychain setting turned off on both my Mac and my iPhone. I thought I was increasing my security somehow. I wonder if that is the problem? Anyway, I have turned them on for both devices and will monitor the passcode prompt situation. 🙂

Yes, I understand. I was making a general observation not directly connected to your post. Sorry for the confusion.

1 Like

This is no issue on the iPhone, as long as you haven’t cracked it or are using the sideload option expected with iOS 17.

Apple should have kept everything within its own App Stores; that would have protected the user from attacks like this on the Macs.

I feel like an iPad is the appropriate option for people who want everything to remain within the Apple (partially) curated App Store. My Mac benefits immensely from software not available in the App Store.

4 Likes