Just wanna scroll the news? Take the pill 💊
Ecosystem

New Malware Targets Mac Users via Fake Clipboard App

Jamf Threat Labs has discovered a new Rust-based infostealer named PamStealer, masquerading as the Maccy clipboard manager for macOS. The malware aims to steal passwords and crypto wallet keys from unsuspecting users, as reported by Decrypt.

2 hours ago·2 min readBeginner·Reported by Jason Nelson·via Decrypt·at publish:SOL $81.13·BTC $62,645
New Malware Targets Mac Users via Fake Clipboard App

Cybersecurity firm Jamf Threat Labs has identified a new infostealer malware dubbed PamStealer, which impersonates the open-source Maccy clipboard manager on macOS. This malware uses a lookalike website to deliver a malicious disk image containing an AppleScript file named Maccy.scpt, designed to covertly extract user credentials.

Once the user opens the file, it instructs them to run it in Apple's Script Editor, enabling the escalation of privileges without raising alarms. PamStealer verifies victims’ login passwords via macOS's Pluggable Authentication Modules (PAM) before stealing them. Jamf Threat Labs notes that this malware implements sophisticated techniques to avoid detection. Notably, it employs JavaScript for Automation and native APIs to download a secondary payload while evading detection methods employed by most security tools.

In their analysis, Jamf Threat Labs highlighted the increasing trend of cybercriminals leveraging Google Ads and social media platforms like X to promote fake applications, which has proven effective in tricking users. Jamf’s Director Jaron Bradley stated,

“With many stealers, we have seen attackers purchasing Google Ad space to lure users to the malicious app. We have recently observed malicious ads being hosted on X as well.”

The secondary payloads are Rust-based binaries disguised as legitimate macOS processes, such as Finder or Software Update, making them harder to detect. Instead of using cleartext for storage, this malware generates a key based on various host fingerprints (CPU architecture, locale, keyboard layout, and time zone). This method ensures secure and discrete access to configuration files that contain the payload and installation instructions.

The capabilities of PamStealer extend to stealing credentials stored in browsers, accessing macOS's Keychain data, monitoring clipboard activity, establishing a persistent presence on infected devices, and exfiltrating stolen information to remote locations. The emergence of PamStealer underscores the growing risks users face from seemingly benign applications, particularly in the cryptocurrency realm where sensitive information is often at stake.

Summary based on original reporting by Jason Nelson at Decrypt, originally published Jul 5, 2026. SolanaWire does not republish source content.

Read the original Source reliability: 75/100
Share:PostLinkedIn

More on this topic

Banks Shift Focus to Integrating Stablecoins into Financial Systems
DeFi

Banks Shift Focus to Integrating Stablecoins into Financial Systems

Financial institutions, including Standard Chartered and BNY Mellon, are moving from debating the role of stablecoins to exploring their integration into banking infrastructure, as reported by CoinDesk. This shift highlights the increasing importance of stablecoins like USDC in finance, with projections indicating significant growth in digital asset volume by 2030.

3 hours ago·CoinDesk·Reported by Olivier Acuna

Falcon Finance Executive Argues Collateral Will Define Future of Stablecoins
Ecosystem

Falcon Finance Executive Argues Collateral Will Define Future of Stablecoins

Artem Tolkachev, chief RWA officer at Falcon Finance, argues that while yield-bearing stablecoins rapidly grow, the focus on yield is misdirected. According to Tolkachev, the real differentiator for stablecoins will be their acceptance as collateral, which determines their usability in trading and lending, as noted in his opinion piece for CoinDesk.

4 hours ago·CoinDesk·Reported by Artem Tolkachev

Dave Portnoy Plans to Hold Bitcoin to Zero After Past Timing Failures
Bitcoin

Dave Portnoy Plans to Hold Bitcoin to Zero After Past Timing Failures

Barstool Sports founder Dave Portnoy announced his intent to hold Bitcoin down to zero after previously buying it near $100,000. He expressed his frustration with market timing during an interview, as reported by CoinDesk on July 5, 2026.

11 hours ago·CoinDesk·Reported by Omkar Godbole

Ethical Hackers Expose Security Flaw in Aptos Blockchain
Ecosystem

Ethical Hackers Expose Security Flaw in Aptos Blockchain

Hackers from Hexens identified a critical vulnerability in the Aptos blockchain that could have jeopardized up to $70 billion in digital assets. As reported by CoinDesk, the flaw was patched after being reported on February 25, 2026, with the researchers achieving a high success rate in simulating the exploit.

21 hours ago·CoinDesk·Reported by Oliver Knight

Trending this week

Kalshi Faces Legal Challenges Amid U.S. Prediction Market Regulatory Disputes
Regulation

Kalshi Faces Legal Challenges Amid U.S. Prediction Market Regulatory Disputes

Kalshi, a prediction market platform, is navigating multiple legal battles across the United States as it challenges state authorities over its operations. The legal uncertainty has intensified as Kalshi seeks clarification from the U.S. Supreme Court concerning whether its activities constitute gambling or trading derivatives, according to CoinDesk.

4 hours ago·CoinDesk·Reported by Jesse Hamilton

Goliath Ventures CEO Pleads Guilty to $250M Crypto Ponzi Scheme
Regulation

Goliath Ventures CEO Pleads Guilty to $250M Crypto Ponzi Scheme

Christopher Delgado, CEO of Goliath Ventures, has pleaded guilty to several fraud charges related to a Ponzi scheme. According to Decrypt, investors pumped in at least $400 million, leading to a minimum of $250 million in losses as Delgado used the funds for personal luxuries.

4 days ago·Decrypt·Reported by Decrypt Agent

XRP Maintains $1 Support Amid Rising Network Activity and Reduced Leverage
Markets

XRP Maintains $1 Support Amid Rising Network Activity and Reduced Leverage

XRP holds above $1, accompanied by a 72% increase in active addresses and a significant drop in leverage, according to CoinDesk. These changes suggest a cleaner trading environment, but the token remains below the $1.10 resistance level.

5 days ago·CoinDesk·Reported by Shaurya Malwa

NYLIM Executive Discusses Tokenization's Potential for Personalized Portfolios
Markets

NYLIM Executive Discusses Tokenization's Potential for Personalized Portfolios

According to Thomas Sy, an executive at New York Life Investment Management, the greatest potential of tokenization lies in enabling personalized investment portfolios. In an interview with CoinDesk, he highlighted the benefits of blockchain for complex portfolio construction, moving beyond the advantages often associated with tokenized assets.

21 hours ago·CoinDesk·Reported by Krisztian Sandor