Connect with us
DAPA Banner
DAPA Coin
DAPA
COIN PAYMENT ASSET
PRIVACY · BLOCKDAG · HOMOMORPHIC ENCRYPTION · RUST
ElGamal Encrypted MINE DAPA
🚫 GENESIS SOLD OUT
DAPAPAY COMING

Business

Dangerous New Mac Malware PamStealer Disguises Itself as a Popular Clipboard App to Steal Your Passwords

Published

on

macOS Catalina

SAN FRANCISCO — A sophisticated new strain of Mac malware is targeting users of one of the most popular third-party clipboard management utilities on macOS, impersonating the app through fake websites and disguised installer files to steal login passwords, according to a threat report published by mobile device management and security firm Jamf Threat Labs.

The malware, which Jamf researchers have named PamStealer, is being distributed through websites designed to mimic the legitimate website of Maccy, a widely used free open-source clipboard history tracker. Users who land on these fraudulent sites and attempt to download what they believe is a legitimate copy of the application instead receive malicious files engineered to compromise their system silently and extract sensitive authentication credentials.

PamStealer’s delivery mechanism relies on AppleScript files disguised as legitimate Maccy installer packages and distributed within disk images, a format Mac users commonly associate with trusted software installations. When a user opens and attempts to run the file, the script triggers a payload chain that begins tracking information on the targeted Mac and transmits collected data to an external threat actor controlling the attack.

The name PamStealer derives from the specific technique the malware uses to extract and validate a victim’s login password through macOS Pluggable Authentication Modules, known as PAM, the system-level authentication framework built into Apple’s operating system that handles credential verification across a wide range of login and privilege escalation scenarios.

Advertisement

What distinguishes PamStealer from earlier generations of Mac malware, according to Jamf’s analysis, is the technical sophistication of its execution chain and its deliberate effort to minimize the signals that conventional detection tools would typically catch. The malware does not use commonly flagged shell commands such as curl or zsh, which many Mac security tools have been trained to treat with suspicion. Instead, the AppleScript payload executes a self-contained JavaScript for Automation downloader that retrieves and stages the malicious payload using native Objective-C application programming interfaces, tools that are part of macOS’s own legitimate software development framework and therefore far less likely to trigger defensive alerts.

A Rust-based second-stage payload follows the initial download, with the combination of techniques producing what Jamf’s researchers described as a notably quiet and difficult-to-detect attack chain.

“Together, these behaviors illustrate how commodity macOS stealers continue to evolve, adopting quieter execution chains and native implementations that reduce traditional detection opportunities while remaining compatible with standard macOS features,” Jamf wrote in its report.

The researchers further noted that while disk images and AppleScript-based malware have both been established components of the Mac threat landscape for years, PamStealer represents a meaningful evolution in how those elements are combined. By pairing them with a local credential validation process through PAM rather than transmitting password attempts outward for external verification, the malware avoids generating the kind of outbound network traffic that endpoint detection tools often monitor for signs of malicious activity. The credential is tested locally against the Mac’s own authentication system before being exfiltrated, reducing the overall noise of the attack and making the infection harder to identify through conventional monitoring.

Advertisement

The Maccy application itself is not compromised. The malware is entirely external to the legitimate software and works solely by exploiting user trust in the Maccy brand and the app’s wide adoption among Mac power users. Maccy has built a following among enthusiasts and professionals because it provides clipboard history functionality that Apple only began offering natively in macOS Tahoe through an update to Spotlight, arriving years after third-party developers had already built dedicated tools to fill the gap. The combination of strong name recognition and a user base comfortable with installing non-App Store software made Maccy a strategically attractive brand for threat actors to impersonate.

To protect themselves from PamStealer specifically, Maccy users should only download the application directly from the official Maccy website, maccy.app, or from the application’s official GitHub repository. Both the official website and the GitHub page carry explicit disclaimers stating that maccy.app is the only official website for the application, a warning that the developer has apparently added in direct response to the emergence of impersonation sites targeting their user base. Any other website distributing a file claiming to be Maccy should be treated as suspect.

More broadly, the threat underscores a set of security habits that Apple, security researchers and enterprise IT teams consistently recommend to Mac users regardless of which application a specific attack happens to target. The safest pathway for obtaining Mac software remains the Mac App Store, where Apple reviews applications before making them available for download and applies a layer of technical sandboxing that limits what even legitimate apps can access on a user’s system. Software obtained directly from a developer through their official website carries somewhat more risk, though that risk is manageable when users take care to verify they are on the correct domain and not a lookalike site.

Users who receive messages containing links to software downloads from unfamiliar or unexpected sources should avoid clicking those links directly. A recommended approach involves Control-clicking any link or button to copy the actual URL before visiting it, then pasting the address into a text editor to inspect the full destination address before proceeding. Links in emails or text messages that claim to lead to known, trusted software download pages are a common vector for delivering malware through exactly the kind of impersonation technique PamStealer employs.

Advertisement

Mac users who want to assess their existing security posture can also consider running one of several reputable third-party Mac security tools that scan for known malware signatures and monitor for unusual system behavior, though Jamf’s report suggests that PamStealer’s design specifically targets detection gaps in conventional tools, making behavioral awareness and careful download hygiene the most reliable defenses for now.

PamStealer’s sophistication reflects a broader and well-documented trend in which Mac-targeted malware has grown significantly more advanced in recent years as the platform’s user base and commercial profile have expanded, attracting greater attention from financially motivated threat actors who once focused almost exclusively on Windows systems. The days when Mac users could rely on relative security through obscurity are long past, and the evolution documented in Jamf’s PamStealer report offers a clear illustration of why.

Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Business

Main Roads WA secures $22.7m Naval Base site ahead of Westport

Published

on

Main Roads WA secures $22.7m Naval Base site ahead of Westport

The state’s roads manager continues to buy up land in Naval Base after the state and federal governments’ $1.1 billion road infrastructure investment to pave the way for Westport.

Continue Reading

Business

Ralliant: Strong Spin-Off Momentum, But The Multiple Already Reflects It (NYSE:RAL)

Published

on

Ralliant: Strong Spin-Off Momentum, But The Multiple Already Reflects It (NYSE:RAL)

This article was written by

I am a part-time investor interested in equities, ETFs, macro, and emerging markets.

Analyst’s Disclosure: I/we have no stock, option or similar derivative position in any of the companies mentioned, and no plans to initiate any such positions within the next 72 hours. I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from Seeking Alpha). I have no business relationship with any company whose stock is mentioned in this article.

Seeking Alpha’s Disclosure: Past performance is no guarantee of future results. No recommendation or advice is being given as to whether any investment is suitable for a particular investor. Any views or opinions expressed above may not reflect those of Seeking Alpha as a whole. Seeking Alpha is not a licensed securities dealer, broker or US investment adviser or investment bank. Our analysts are third party authors that include both professional investors and individual investors who may not be licensed or certified by any institute or regulatory body.

Advertisement
Continue Reading

Business

ExxonMobil: Valuation Is Attractive With Overlooked Market Opportunities (Upgrade) (XOM)

Published

on

ExxonMobil: Valuation Is Attractive With Overlooked Market Opportunities (Upgrade) (XOM)

This article was written by

I have been working in the logistics sector for almost two decades. I have been into stock investing and macroeconomic analysis for almost a decade. Currently, I focus on ASEAN and NYSE/NASDAQ Stocks, particularly in banks, telco, logistics, and hotels. Since 2014, I have been trading on the PH stock market. I focus on banking, telco, and retail sectors. A colleague encouraged me to engage in the stock market as part of my portfolio diversification instead of putting all my savings in banks and properties. That was also the year when insurance companies became very popular in the PH. Initially, I invested in popular blue-chip companies. Now, I have investments across different industries and market cap sizes. There are stocks I hold for my retirement, while others are purely for trading profits. In 2020, I also entered the US Market. It was about a year after I discovered Seeking Alpha. Originally, I was using the trading account of NY CA-based cousin. Somehow, I acted like his personal broker. That made me more aware of the US market before deciding to open my own account. I decided to write for Seeking Alpha to share and gain more knowledge since I have been trading on the US market for only four years. Like in the ASEAN market, I have holdings in US banks, hotels, shipping, and logistics companies. I discovered it in 2018. Since then, I have been using the analyses here to compare them to the ones I’m doing in the PH Market.

Analyst’s Disclosure: I/we have a beneficial long position in the shares of XOM either through stock ownership, options, or other derivatives. I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from Seeking Alpha). I have no business relationship with any company whose stock is mentioned in this article.

Seeking Alpha’s Disclosure: Past performance is no guarantee of future results. No recommendation or advice is being given as to whether any investment is suitable for a particular investor. Any views or opinions expressed above may not reflect those of Seeking Alpha as a whole. Seeking Alpha is not a licensed securities dealer, broker or US investment adviser or investment bank. Our analysts are third party authors that include both professional investors and individual investors who may not be licensed or certified by any institute or regulatory body.

Advertisement
Continue Reading

Business

Bumble: No End In Sight To Paid User Churn (NASDAQ:BMBL)

Published

on

Bumble: Leverage And AI Reset Makes It A Speculative Hold (NASDAQ:BMBL)

This article was written by

With combined experience of covering technology companies on Wall Street and working in Silicon Valley, and serving as an outside adviser to several seed-round startups, Gary Alexander has exposure to many of the themes shaping the industry today. He has been a regular contributor on Seeking Alpha since 2017. He has been quoted in many web publications and his articles are syndicated to company pages in popular trading apps like Robinhood.

Analyst’s Disclosure: I/we have no stock, option or similar derivative position in any of the companies mentioned, and no plans to initiate any such positions within the next 72 hours. I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from Seeking Alpha). I have no business relationship with any company whose stock is mentioned in this article.

Seeking Alpha’s Disclosure: Past performance is no guarantee of future results. No recommendation or advice is being given as to whether any investment is suitable for a particular investor. Any views or opinions expressed above may not reflect those of Seeking Alpha as a whole. Seeking Alpha is not a licensed securities dealer, broker or US investment adviser or investment bank. Our analysts are third party authors that include both professional investors and individual investors who may not be licensed or certified by any institute or regulatory body.

Advertisement
Continue Reading

Business

Sumitomo Chemical shares soar 11%, record biggest single-day surge in nearly 2 years. Here’s why

Published

on

Sumitomo Chemical shares soar 11%, record biggest single-day surge in nearly 2 years. Here’s why
The shares of Sumitomo Chemical India rallied sharply by around 11% on Friday, with the stock on track to record its biggest single-day surge since September 2024, following a key partnership by its parent company’s Korean subsidiary and heavy trading volumes.

The shares of the company, which is associated with agrochemicals, biopesticides, feed activities, household insecticides and animal nutrition sectors, soared to Rs 488.65 apiece on the NSE on Friday.

Why are Sumitomo Chemical India shares up today?

The sharp surge in Sumitomo Chemical India shares comes after its Japanese parent, Sumitomo Chemical, said that its Korean subsidiary, Dongwoo Fine-Chem, has signed a joint venture agreement with Samsung Electro-Mechanics to establish a joint venture company to engage in the business of glass core substrates for advanced semiconductor packages.

“In recent years, driven by the growing adoption of generative AI, expanding data centre investments, and rising demand for high-performance computing, semiconductors have been required to achieve even greater integration and lower power consumption. As a result, semiconductor package substrates are also needed to support further increases in size and density. This has led to glass core substrates garnering attention as a technology that supports next-generation semiconductor packages,” the company said in a press release.

Advertisement

Also read: Gujarat accelerates semiconductor ambitions as Sumitomo Chemical weighs deeper investment

Glass core substrates are next-generation semiconductor package substrates which are characterised by excellent rigidity, dimensional stability, low warpage and low thermal expansion, which contribute to larger package sizes, improved reliability and higher-density wiring, the company said. “In particular, AI-related semiconductors are expected to see even greater package enlargement and higher density going forward, and glass core substrates, which are a promising option well suited to these requirements, are expected to experience a full-scale market launch,” it added.
Sumitomo Chemical said that the new company to be developed as part of the joint venture is scheduled to establish a supply system by the second half of the fiscal year 2027 with a share capital of KRW 482,100 million.

Sumitomo Chemical India stock performance

The sharp surge in Sumitomo Chemical India’s share price also comes amid heavy volumes. More than 123 lakh shares of the company worth around Rs 589 crore have already been traded, as per data on the NSE at 12.45 pm.
The stock has gained around 10% over the past week but is down nearly 1% over the past month. It is up about 2% so far in 2026. Over the longer term, it has fallen 9% in the past year, while rising 10% over three years and 24% over five years. The company’s current market capitalisation is nearly Rs 23,747 crore.

Also read:
Hitachi Energy, GE Vernova, Siemens Energy, other power equipment stocks crash up to 10%. Here’s why

(Disclaimer: Recommendations, suggestions, views and opinions given by the experts are their own. These do not represent the views of The Economic Times)

Advertisement
Continue Reading

Business

Aussie shares rally for best day in three weeks

Published

on

Aussie shares rally for best day in three weeks

The Australian share market has enjoyed its best day in three weeks, thanks in part to strong gains by goldminers following lacklustre US employment data.

Continue Reading

Business

Rates Spark: Resumed Steepening Impulse

Published

on

Rates Spark: Resumed Steepening Impulse

Rates Spark: Resumed Steepening Impulse

Continue Reading

Business

Welsh Goverment needs to talk more to entrepreneurs and not just business organisations

Published

on

Business Live

For too long, Welsh economic policy has been dominated by the politics of representation rather than the discipline of delivery

The musical Hamilton.(Image: Danny Kaan)

In the musical Hamilton, Lin-Manuel Miranda gives Aaron Burr a whole song built on a single frustration: that the bargains that shape a nation are struck not in public but behind closed doors, and among a handful of people who have been granted a seat at the table.

Burr’s complaint is being left outside, desperate to be in the “room where it happens” and it is one of the oldest truths in politics, namely that influence flows to whoever is in that room, and that everyone else can only guess at what was decided on their behalf. But the more interesting question is rarely who is in the room but whether the right people are in it at all.

Advertisement

For 27 years, Wales has had devolution, its own economic strategies, advisory groups, and endless consultations. Yet throughout that period, one remarkably consistent feature of Welsh economic policy has been that the same familiar business organisations have been invited into the same rooms as ministers to offer broadly similar views on the same persistent problems.

A range of business membership bodies, employer groups and professional networks have all played a part in that process, and it would be unfair to suggest that they have not done useful work, because many of them represent genuine concerns, and act as a bridge between ministers, officials and the business community at times when government needs to hear directly from those operating in the real economy.

But after more than a quarter of a century of devolved economic policy, and after repeated strategies promising stronger growth, better productivity and a more resilient private sector, we have a right to ask some uncomfortable questions about the system that has been created and the voices we have allowed to dominate it.

This is not a criticism of any one organisation, nor is it an argument that representative bodies have no place in policymaking, as they clearly do. The issue is more fundamental, as representation is not the same as leadership and being present in the machinery of government is not the same as changing the economy’s performance outside it.

Advertisement

The danger for Wales is that we have spent too long assuming that, because business organisations have been invited to sit on a panel to comment on economic policy, business itself has therefore been properly involved in reshaping the country’s future.

The truth is far more complicated, and many representative organisations are, by their nature, cautious institutions as they must reflect a wide range of interests, avoid alienating too many of their members, and usually gravitate towards the lowest common denominator rather than the sharpest edge of economic change.

Indeed, the very characteristics that make these organisations acceptable to government can also make them insufficient for the task now facing Wales.

They are respectable, familiar, structured and consultative, but those are not always the qualities needed to challenge the economic challenges facing Wales, and it is likely that most of the same bodies that have supported the Labour Government for more than a quarter of a century will be sitting down with the new Plaid Cymru Enterprise Minister over the next few weeks to say much of the same things they did to his predecessor.

Advertisement

Some will argue that this is the realpolitik of doing business in Wales, but what has it achieved? Where are the organisations prepared to push harder, speak more directly, and challenge the comfortable assumptions that have underpinned economic policy for too long?

Where are those who, after decades of public investment in skills, infrastructure, innovation and enterprise support, question why we still do not have enough firms capable of competing seriously in the UK and global markets?

Indeed, the question is not whether business should continue to have a voice – of course it should – but it is less likely to represent the founders still outside the system, especially the disruptive entrepreneurs who should be at the heart of any serious economic development strategy.

And yet it is precisely those people and those businesses that Wales needs far more of, and the next phase of Welsh economic development cannot be built solely around organisations whose primary function is to explain the business concerns of a small number of firms to government.

Advertisement

For too long, Welsh economic policy has been dominated by the politics of representation rather than the discipline of delivery, and it seems very few people have been asking serious questions about why Wales still produces too few high-growth firms, why ambitious founders often look outside Wales for finance and networks, and why public investment still too often fails to generate lasting private-sector momentum.

This is not an argument for excluding existing organisations from the debate but one for rebalancing it, because whilst the established representative bodies have knowledge, members and experience, Wales also needs those business voices that are constructive but uncomfortable, collaborative but demanding, practical but ambitious.

So here is a simple test of whether anything has genuinely changed under a new government. Rather than just having talks with the usual bodies, the minister could, within his first hundred days, bring together the founders and chief executives of Wales’s most 100 innovative and entrepreneurial companies for a summit built around one question: what would it take to double the number of Welsh businesses scaling past £10m over the next four years? Not a consultation but a working session of the people building real growth, many of whom have never once been invited into the room.

Given the way that the civil service in Wales seems terrified of anyone with a radical idea, I expect the comfortable consensus to continue as it always has, with the same familiar faces sitting around the same table, but I would be delighted to be proved wrong, and it would be a truly new start for devolution in Wales if those in power were willing to fill the room where it happens with the incredible businesses that are building the country’s future.

Advertisement
Continue Reading

Business

Kymera: Building Toward A Defining 2H26 Moment

Published

on

Kymera: Building Toward A Defining 2H26 Moment

Kymera: Building Toward A Defining 2H26 Moment

Continue Reading

Business

Iran’s slain leader Khamenei laid in state in Tehran for week of mass funeral events

Published

on

Iran’s slain leader Khamenei laid in state in Tehran for week of mass funeral events


Iran’s slain leader Khamenei laid in state in Tehran for week of mass funeral events

Continue Reading

Trending

Copyright © 2025