Daily Guardian UAEDaily Guardian UAE
  • Home
  • UAE
  • What’s On
  • Business
  • World
  • Entertainment
  • Lifestyle
  • Sports
  • Technology
  • Travel
  • Web Stories
  • More
    • Editor’s Picks
    • Press Release
What's On

Google Maps could soon order food for you using Gemini

July 4, 2026

macOS clipboard app Maccy has a fake out there stealing passwords

July 4, 2026

A new technology teaching drones to feel pain could stop your self-driving car from harming itself

July 4, 2026

The Wellness Event 2026 Inspiring Health, Hope & Resilience in Challenging Times

July 4, 2026

Valve just gave away the blueprint for its coolest Steam Machine mod

July 4, 2026
Facebook X (Twitter) Instagram
Finance Pro
Facebook X (Twitter) Instagram
Daily Guardian UAE
Subscribe
  • Home
  • UAE
  • What’s On
  • Business
  • World
  • Entertainment
  • Lifestyle
  • Sports
  • Technology
  • Travel
  • Web Stories
  • More
    • Editor’s Picks
    • Press Release
Daily Guardian UAEDaily Guardian UAE
Home » macOS clipboard app Maccy has a fake out there stealing passwords
Technology

macOS clipboard app Maccy has a fake out there stealing passwords

By dailyguardian.aeJuly 4, 20262 Mins Read
Share
Facebook Twitter LinkedIn Pinterest Email

A fake version of Maccy, a popular clipboard manager for macOS, is being used to deliver a newly discovered Mac malware strain called PamStealer. Researchers at Jamf say the malware impersonates the real open-source app, but its actual purpose is to steal data and capture a victim’s login password.

PamStealer arrives as a disk image containing an AppleScript file that impersonates Maccy. Once the user opens that file, macOS launches it in Script Editor, where the on-screen instructions tell them to press Command-R. To someone expecting a normal app installer, that may look like an odd setup step. In reality, that action runs hidden malware code and starts the attack.

A fake installer starts the attack

The first part of the attack is designed to stay quiet. Instead of using common Mac command-line tools that security teams often watch for, the researchers say the malware uses Apple’s own automation features to download and launch the next stage.

The payload then hides inside app bundles that pretend to be real macOS components. Jamf found samples posing as Finder or Software Update. These fake components run in the background and use Apple’s Finder icon, which makes the attack more convincing.

MacBook Air M5

The password prompt is the real danger

PamStealer’s most worrying trick is its password prompt. The malware shows a native-looking Mac dialog saying Maccy wants to make changes and asks the user to enter a password. The password is checked through macOS’s own login verification system. If it is wrong, the prompt appears again. Once the correct password is entered, the malware captures it and shows a fake message saying Maccy is damaged and cannot be opened.

Researchers also found that PamStealer can watch the clipboard, register itself to run again after login, and later ask for Full Disk Access. In testing, that prompt sometimes appeared up to 40 minutes later, making it harder to connect the request to the fake installer.

Maccy’s official channels are now warning users about fake websites, while pointing them to maccy.app as the only legitimate place to get the app.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Keep Reading

Google Maps could soon order food for you using Gemini

A new technology teaching drones to feel pain could stop your self-driving car from harming itself

Valve just gave away the blueprint for its coolest Steam Machine mod

Sony may have been digging the grave of physical PlayStation games for years.

Apple’s rumored camera AirPods Pro may have hit a major roadblock

This flower identification app turns every walk into Pokémon Go for plants

Yet another research breaks the hype bubble for AI browsers serving serious security flaws

Claude Fable 5 is leaving subscriptions, but maybe not for good

Meta under scrutiny after Instagram approved child abuse advertisements in India

Editors Picks

macOS clipboard app Maccy has a fake out there stealing passwords

July 4, 2026

A new technology teaching drones to feel pain could stop your self-driving car from harming itself

July 4, 2026

The Wellness Event 2026 Inspiring Health, Hope & Resilience in Challenging Times

July 4, 2026

Valve just gave away the blueprint for its coolest Steam Machine mod

July 4, 2026

Subscribe to News

Get the latest UAE news and updates directly to your inbox.

Latest Posts

TIMELESS  RISE The World Cup

July 4, 2026

Sony may have been digging the grave of physical PlayStation games for years.

July 3, 2026

DDSC Receives NOC to Launch on VARA Platforms

July 3, 2026
Facebook X (Twitter) Pinterest TikTok Instagram
© 2026 Daily Guardian UAE. All Rights Reserved.
  • Privacy Policy
  • Terms
  • Advertise
  • Contact

Type above and press Enter to search. Press Esc to cancel.