In macOS 15 Sequoia, Apple made it more difficult to bypass Gatekeeper to run apps that aren’t notarized. (Notarization is one of the ways Apple ensures that apps distributed outside the Mac App Store are unmodified and free from malware.) Cybercriminals have responded to this increase in security with a new social engineering attack. They provide the victim with a disk image, ostensibly to install some desired piece of software, instructing the user to drag a text file into Terminal. Doing so executes a malicious script that installs an “infostealer” designed to exfiltrate a wide variety of data from your Mac. The simple advice here is to treat any guidance to drop a file into Terminal with extreme suspicion—no legitimate software or developer will ever ask you to do that.
(Featured image based on an original by iStock.com/Farion_O)
Social Media: Thing #17 to never do: Follow instructions to drop a text file into Terminal. It’s a great way to install malware and let cybercriminals steal your passwords, financial information, and more.
Recent Posts
Apr. 04, 2025
Share Wi-Fi Network Passwords Using QR Codes
Apr. 04, 2025
Don’t Assume That Top Google Search Results Are Guaranteed Safe
Apr. 04, 2025
With iOS 18.2 and Later, You Can Share the Location of Lost Items in Find My
Apr. 04, 2025
Apple Says More Personalized Siri Will Be Delayed
Apr. 04, 2025
Security Precautions to Take While Traveling
Apr. 04, 2025
Working with Time Zones in Apple’s Calendar Apps
Apr. 04, 2025
Keep Your Browsing Organized with Browser Profiles
Apr. 04, 2025
Run a Business? Sign Up with Apple Business Connect
Mar. 07, 2025
Create Links to Selected Text in Long Web Pages
Mar. 07, 2025
HomePods Can Alert You of Smoke and Carbon Monoxide Alarms
View All Posts