New PamStealer macOS malware uses two-stage delivery and PAM interface to steal credentials

By Dan Goodin

2d ago · 3 min read · News

Summary

Researchers have discovered a new macOS malware called PamStealer that uses a sophisticated two-stage delivery to infect Macs with credential-stealing code. The first stage is distributed via a disk image masquerading as the Maccy clipboard manager, compiled as AppleScript. The second stage is a Rust-written infostealer that leverages the Pluggable Authentication Modules (PAM) interface built into macOS. The discovery highlights the increasing effort being put into Mac infostealers.

Source

Ars Technica: New PamStealer macOS malware uses two-stage delivery and PAM interface to steal credentials (arstechnica.com)

Key quotes

Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs with stealthy, custom-developed credential-stealing code.
The malware is delivered in two stages.
The malware is named PamStealer because the Rust-written infostealer uses the Pluggable Authentication Modules interface built into macOS.
Snippet from the RSS feed
The discovery underscores the increased effort being poured into Mac infostealers.
