A newly discovered macOS infostealer verifies Mac login passwords before stealing sensitive data, giving attackers immediate confirmation that compromised credentials will actually work. PamStealer Researchers at Jamf Threat Labs have documented a new macOS malware campaign built around an infostealer called PamStealer. PamStealer disguises itself as the Maccy clipboard manager and uses AppleScript alongside a Rust payload to infect Macs. Jamf found that PamStealer verifies login passwords through Apple's Pluggable Authentication Modules before stealing additional data. Password verification sets PamStealer apart from most macOS infostealers, which typically capture whatever password a victim enters without confirming that it's valid. The campaign begins with a fake website that closely imitates the legitimate Maccy clipboard manager. Next, the fake website delivers a malicious AppleScript application disguised as Maccy. Continue Reading on AppleInsider | Discuss on our Forums
Opera browser has announced a new security feature called Paste Protect that aims to stop clipboard-based cyberattacks before their malicious commands can be accidentally executed. Opera says it's the first major browser to offer native protection against ClickFix attacks – a growing form of social engineering that tricks users into copying and pasting malicious commands into a computer's terminal. The new feature is built into Opera's desktop browsers and enabled by default. ClickFix attacks typically masquerade as routine troubleshooting prompts, such as fake CAPTCHA verification or video playback fixes. Once pasted and executed, the commands can install malware, steal passwords, or give attackers remote access to a device. Opera describes the browsing risk as follows: A ClickFix-style attack usually starts with something small and ordinary: a video that won't play, or a CAPTCHA that won't quite verify you're human. A pop-up offers a fix, telling you to copy a short command and paste it into your computer's terminal. It looks like routine troubleshooting. In reality, that command can install malware, steal saved passwords, or hand an attacker remote access to your machine, all carried out by the user's own hands, on their own device. Opera features an existing clipboard hijack protection feature that prevents external applications from silently replacing copied content such as cryptocurrency wallet addresses. Paste Protect combines this with a new injection protection system that monitors clipboard activity for suspicious commands copied from websites and blocks potentially malicious content before it reaches the clipboard. Users can see the first 120 characters of the blocked content, and developers working with trusted sources can override the block or mark specific sites as safe. Opera cited research from cybersecurity firm Huntress that said ClickFix accounted for more than 53 percent of malware-loading cyberattacks last year, indicating the rapid growth of the technique. Apple itself introduced a related safeguard for the Mac with the release of macOS Tahoe 26.4 earlier this year. Following the update, the operating system explicitly warns the user before they paste potentially dangerous commands into the Terminal app. Opera browser is available now as a free update and can be downloaded from the company's website . Tag: Opera Browser This article, " Opera Browser Gains Protection Against Malicious Clipboard Commands " first appeared on MacRumors.com Discuss this article in our forums
If you've upgraded to a new Mac , don't throw away your old one. Here are some ideas of things you can do to get more out of your older Apple desktop. The 2018 Mac mini may be 'Obsolete' but it still has its uses. Buying a new Mac or MacBook can be a thrill. The bump of speed, the extra memory and storage that's free of clutter, and the unscratched, clean casing can make most Mac users instantly happy. However, after drinking in all the potential of your new digital workspace, you'll soon be reminded that you still have your old one. After you've migrated your software and files over to your new daily driver, it may seem that there's little point in keeping your old one around. Continue Reading on AppleInsider | Discuss on our Forums