
New macOS Malware PamStealer Targets Sensitive Data via Fake Maccy Sites
CybersecurityMalwareDataTheftMacOSThreats
Cybersecurity researchers at Jamf Threat Labs identified a new macOS information stealer named PamStealer, which targets sensitive data by impersonating Maccy, a legitimate open-source clipboard manager. The malware is distributed as a compiled AppleScript (.scpt) file and leverages fake Maccy websites alongside privilege escalation checks to infect systems. PamStealer derives its name from its ability to exploit macOS’s Pluggable Authentication Modules (PAM) to extract login credentials. No specific infection numbers, dates, or CVE IDs were disclosed in the report. The primary impact involves unauthorized access to and exfiltration of user credentials and other confidential information.