Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
With this and most malware it requires the user or someone with physical access to actually install it. From the link “Threat actors used GitHub repositories as a key distribution method for Banshee.”.


This is why I try to be careful what I download and install. Is it from a reputable company or is it some individual developer on GitHub? Nothing wrong with individual developers but you better be sure that person is trustworthy. Big companies have lots to lose but on the Internet, individuals can be fairly anonymous.

Always ask… Do you need it? Is the developer trustworthy? Are you downloading it from a trusted source? If you’re not sure about any of those questions then don’t do it.

It’s nice to see people pointing out that macOS is not invincible to malware. No BS anti malware software is going to protect you.
 
  • Like
Reactions: Biro
I'm not sure why this method is being used, but one way of delivery redirects the user to a page called "Safe Download Storage" with the instructions to "Click to "Copy" on link and paste it to address bar"
At the moment, only Kaspersky, Sophos, Ikarus & Google recognize the DMG file downloaded as part of the Amos infostealer malware family.
https://www.virustotal.com/gui/file/d90623df1f31f2138ab8c1a4130f6d31647b8f0d44f08a74ffc3f2e252e87b5c
malware.jpg
 
  • Like
Reactions: Biro
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.