AI-Debiased Article
Rewritten from Ars Technica 1 min read
4 Wire-neutral provisional

✓ No loaded language, vague sourcing, or framing detected.

New macOS malware discovered, named PamStealer

A new piece of macOS malware named PamStealer has been discovered, utilizing advanced techniques to steal credentials. It is delivered in two stages, starting with a disk image that mimics a legitimate application, and employs AppleScript to conceal its malicious functionality.

Researchers have identified a new piece of macOS malware that employs advanced techniques to infect Macs and steal credentials. This malware, named PamStealer, is delivered in two stages, beginning with a disk image that pretends to be Maccy, a clipboard manager for Macs. It is compiled as AppleScript and uses the Pluggable Authentication Modules interface in macOS to verify the target's login password before transmitting it to a server controlled by an attacker. The combination of disk image and AppleScript is typical for Mac malware, but PamStealer's method of execution is designed to enhance its stealth, as the malicious functions are hidden within the AppleScript file, which is opened in the macOS Script Editor when double-clicked.

Annotating as

No note attached

on this article.

Original vs. Neutral

Original Headline

Newly discovered PamStealer isn't your typical macOS malware

Neutral Headline

New macOS malware discovered, named PamStealer