In macOS 15 Sequoia, Apple has tightened Gatekeeper’s security, making it harder to bypass the system to run apps that aren’t notarized. (Notarization is Apple’s method for ensuring apps distributed outside the Mac App Store are unaltered and malware-free.) In response, cybercriminals have devised a new social engineering tactic. They trick users into downloading a disk image under the pretense of installing desired software and instruct them to drag a text file into Terminal. This action executes a malicious script that installs an "infostealer," capable of exfiltrating sensitive data, including passwords, financial information, and more. The takeaway? Never follow instructions to drag files into Terminal. No legitimate developer or software will ever request this. Treat such guidance as a red flag for malware.
(Featured image based on an original by iStock.com/Farion_O)
