Close Menu
The Financial News 247The Financial News 247
  • Home
  • News
  • Business
  • Finance
  • Companies
  • Investing
  • Markets
  • Lifestyle
  • Tech
  • More
    • Opinion
    • Climate
    • Web Stories
    • Spotlight
    • Press Release
What's On
iPhone 18 Pro Pricing Can Dominate Market And Start A New Super Cycle

iPhone 18 Pro Pricing Can Dominate Market And Start A New Super Cycle

July 19, 2026
Why Does It Feel Like Companies Care Less Than They Used To?

Why Does It Feel Like Companies Care Less Than They Used To?

July 19, 2026
Pentagon’s Testosterone Screening Program—What Soldiers And Families Need To Know

Pentagon’s Testosterone Screening Program—What Soldiers And Families Need To Know

July 19, 2026
Creedence Clearwater Revival’s Classic Hit Brings The Band To One Chart For The First Time

Creedence Clearwater Revival’s Classic Hit Brings The Band To One Chart For The First Time

July 19, 2026
An Off-Grid California Retreat By Anacapa Architecture

An Off-Grid California Retreat By Anacapa Architecture

July 19, 2026
Facebook X (Twitter) Instagram
The Financial News 247The Financial News 247
Demo
  • Home
  • News
  • Business
  • Finance
  • Companies
  • Investing
  • Markets
  • Lifestyle
  • Tech
  • More
    • Opinion
    • Climate
    • Web Stories
    • Spotlight
    • Press Release
The Financial News 247The Financial News 247
Home » New Mac Attack Triggers 83-Hour Password Entry Loop

New Mac Attack Triggers 83-Hour Password Entry Loop

By News RoomJuly 19, 2026No Comments3 Mins Read
Facebook Twitter Pinterest LinkedIn WhatsApp Telegram Reddit Email Tumblr
New Mac Attack Triggers 83-Hour Password Entry Loop
Share
Facebook Twitter LinkedIn Pinterest Email

Hot on the heels of reports that password-stealing malware known as CrashStealer was actively targeting macOS users comes yet more bad security news for fans of the Apple ecosystem. Not only does the newly reported ClickLock attack terminate running applications and security tools alike, but it also displays a malicious macOS password prompt that requires the correct system password, which will be extracted by the attackers, or it enters a password-only dialogue loop that lasts for 300,000 seconds. That’s 83 hours of only seeing a password entry screen on your Mac, even if you reboot. Or three and a half days if you prefer. The password-stealing pain only stops if the correct credentials are entered, with the attackers seemingly using this method in an attempt to wear down the victim.

Mac Users Warned To Watch What They Type And Not Enter System Password

That the user is the weakest link is something of a tired, overused security cliché, in my never-humble opinion, but in the case of ClickLock, it’s fairly accurate. At first glance, this looks like just another social engineering attack, employing the now-familiar ClickFix variant that tricks a user into cut-and-pasting commands into the macOS Terminal courtesy of a fake Cloudflare CAPTCHA verification prompt. Unlike previous such threats, ClickLock adopts something akin to a ransomware or extortion threat model to achieve its ultimate credential-stealing goal. Rather than demand a cryptocurrency payment, however, this attack uses a dialogue-fatigue model that makes the system unusable, grounding the victim’s gears until, the attacker hopes, they submit and enter a valid password in the login prompts that is all that is displayed for days on end, even surviving system reboots.

According to a newly published Group-IB threat intelligence report, the ClickLock stealer script was first observed on June 9, targeting “data from 8 browsers, 31 crypto wallet browser extensions, 7 password manager extensions, 8 desktop wallet applications,” and extracting “blockchain addresses across 6 chains, macOS Keychain, shell history and FTP credentials.” Despite the malware still being under active development, based upon an analysis of code structure and assorted artifacts, the researchers have noted attacks across 33 countries so far, and confirmed at least 100 victims.

As much as I hate to admit it, the attackers’ technique is actually very clever indeed. By very effectively making the target system unstable, with functionality impaired to the point that the computer is unusable, the victim is far more likely to enter their password when apparently legitimate login prompts are presented. Especially as the longer the attack continues, the more stressed that victim will become and so more at risk of complying with the malicious requests.

The mitigation is simple, and the Group-IB researchers have essentially said exactly the same as I have repeated time and time again: “Never paste commands into Terminal from websites, regardless of how the page looks or what it claims to verify.” Remember, no legitimate service requires this, whether that’s on a Windows or Mac!

App Killer clickfix attack ClickLock CrashStealer fake password login Mac malware macos password Password Entry Loop
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related News

iPhone 18 Pro Pricing Can Dominate Market And Start A New Super Cycle

iPhone 18 Pro Pricing Can Dominate Market And Start A New Super Cycle

July 19, 2026
Pentagon’s Testosterone Screening Program—What Soldiers And Families Need To Know

Pentagon’s Testosterone Screening Program—What Soldiers And Families Need To Know

July 19, 2026
Angry Miao Battleye 75HE R2 Keyboard Made With Aluminum And Carbon Fiber

Angry Miao Battleye 75HE R2 Keyboard Made With Aluminum And Carbon Fiber

July 19, 2026
7 Stargazing Accessories You Need This Summer — And When To Use Them

7 Stargazing Accessories You Need This Summer — And When To Use Them

July 19, 2026
Would You Pay 5,000 To See A Rare Totally Eclipsed Sunset?

Would You Pay $225,000 To See A Rare Totally Eclipsed Sunset?

July 19, 2026
Chinese Pressure On European Automakers Intensifying As EU Hesitates

Chinese Pressure On European Automakers Intensifying As EU Hesitates

July 19, 2026
Add A Comment
Leave A Reply Cancel Reply

Don't Miss
Why Does It Feel Like Companies Care Less Than They Used To?

Why Does It Feel Like Companies Care Less Than They Used To?

News July 19, 2026

Natalie Beckerman’s new book, When Did You Stop Caring?, asks a question every business leader…

Pentagon’s Testosterone Screening Program—What Soldiers And Families Need To Know

Pentagon’s Testosterone Screening Program—What Soldiers And Families Need To Know

July 19, 2026
Creedence Clearwater Revival’s Classic Hit Brings The Band To One Chart For The First Time

Creedence Clearwater Revival’s Classic Hit Brings The Band To One Chart For The First Time

July 19, 2026
An Off-Grid California Retreat By Anacapa Architecture

An Off-Grid California Retreat By Anacapa Architecture

July 19, 2026
Stay In Touch
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo
Our Picks
Angry Miao Battleye 75HE R2 Keyboard Made With Aluminum And Carbon Fiber

Angry Miao Battleye 75HE R2 Keyboard Made With Aluminum And Carbon Fiber

July 19, 2026
2026 Fantasy Football Players To Know With A Week 6 Bye

2026 Fantasy Football Players To Know With A Week 6 Bye

July 19, 2026
7 Stargazing Accessories You Need This Summer — And When To Use Them

7 Stargazing Accessories You Need This Summer — And When To Use Them

July 19, 2026
Europe Taxes Electricity More Than Gas. Brussels Just Admitted It

Europe Taxes Electricity More Than Gas. Brussels Just Admitted It

July 19, 2026
The Financial News 247
Facebook X (Twitter) Instagram Pinterest
  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact us
© 2026 The Financial 247. All Rights Reserved.

Type above and press Enter to search. Press Esc to cancel.