PamStealer macOS malware: A stealthy two‑stage threat defying detection

DECRYPTED BY: Nova Stirling | TIMESTAMP: 2026-07-03 T 03:40:05 Z | [ 1 MIN READ ]

PamStealer macOS malware reveals a new stealth vector

Security researchers have uncovered PamStealer macOS malware, a previously unseen threat that blends custom credential‑stealing code with sophisticated tradecraft to remain hidden on Apple laptops.

The infection unfolds in two stages. The initial payload arrives as a DMG file pretending to be “Maccy,” a popular clipboard manager. Inside is an AppleScript that is launched when a user double‑clicks it: the script opens in the native Script Editor, where the malicious routine is nested deep within the file.

“The combination of a disk image and AppleScript is common, but the way PamStealer stitches them together is novel,” said a researcher at Reuters.

The second stage is a Rust‑written infostealer that taps macOS’s Pluggable Authentication Modules (PAM) interface to validate the victim’s login password before exfiltrating it to a command‑and‑control server.

Because the script masquerades as a legitimate utility, traditional antivirus tools often miss it, resulting in 0% detection in early tests. Analysts recommend scrutinizing DMG sources and disabling unnecessary PAM modules.
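One way to scrutinize a downloaded disk image for the first-stage pattern described above, added here as an example and not taken from the researchers' analysis: it walks a mounted volume and flags AppleScript files delivered where an app bundle would be expected. The `FasdUAS` header of compiled scripts is standard; the function names, the blank-line padding heuristic with its threshold, and the sample volume are assumptions constructed for illustration.

```python
import os
import tempfile

COMPILED_MAGIC = b"FasdUAS"   # leading bytes of a compiled AppleScript (.scpt)
TEXT_EXTS = {".applescript"}  # plain-text AppleScript source
BLANK_RUN_LIMIT = 50          # assumption: this many blank lines in a row is padding

def longest_blank_run(data: bytes) -> int:
    """Longest run of consecutive blank lines, i.e. how far code can sit off-screen."""
    best = run = 0
    for line in data.splitlines():
        run = 0 if line.strip() else run + 1
        best = max(best, run)
    return best

def triage_volume(root: str) -> dict:
    """Report AppleScript files and real .app bundles under a mounted disk image."""
    report = {"app_bundles": [], "scripts": [], "verdict": "ok"}
    for dirpath, dirnames, filenames in os.walk(root):
        for d in [d for d in dirnames if d.endswith(".app")]:
            if os.path.isfile(os.path.join(dirpath, d, "Contents", "Info.plist")):
                report["app_bundles"].append(d)
                dirnames.remove(d)  # bundle contents are out of scope for this check
        for name in filenames:
            try:
                with open(os.path.join(dirpath, name), "rb") as fh:
                    data = fh.read(1 << 20)  # first 1 MiB is enough for triage
            except OSError:
                continue
            compiled = data.startswith(COMPILED_MAGIC)  # catches renamed .scpt files
            if compiled or os.path.splitext(name)[1].lower() in TEXT_EXTS:
                padded = not compiled and longest_blank_run(data) >= BLANK_RUN_LIMIT
                report["scripts"].append({"name": name, "compiled": compiled, "padded": padded})
    if report["scripts"]:  # scripts with no app bundle beside them rank highest
        report["verdict"] = "review" if report["app_bundles"] else "suspicious"
    return report

def demo() -> dict:
    """Constructed sample: a fake volume holding only scripts, no app bundle."""
    with tempfile.TemporaryDirectory() as vol:
        body = b"-- Maccy installer\n" + b"\n" * 200 + b'display dialog "constructed sample"\n'
        with open(os.path.join(vol, "Maccy.applescript"), "wb") as fh:
            fh.write(body)
        with open(os.path.join(vol, "Helper.bin"), "wb") as fh:
            fh.write(b"FasdUAS 1.101.10" + b"\x00" * 16)  # compiled script, wrong extension
        return triage_volume(vol)

if __name__ == "__main__":
    print(demo())
```

On a Mac, point `triage_volume` at the mount point under `/Volumes` after attaching the image, before opening anything on it.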

For a broader view of macOS threats, see the latest report from Bloomberg.


Dispatch from: Nova Stirling

Aerospace & Space Tech Correspondent
