Aggregator MacUpdate delivered malware––crypto currency miner––instead of Apps

(My post’s intent is to inform. It’s not an endorsement for any of the detection/removal tools mentioned in the referenced blog posts.)

Although I don’t use them, I’ve seen this aggregation service mentioned a couple of times at the L&L forum. If you’re in the habit of using MacUpdate or other aggregation service: … date-site/
Included in the above blog post is a link to an analysis by Thomas Reed of Malwarebytes and a link to a followup post.

MacUpdate, whose response has been inadequate (that’s being generous), has advised to uninstall the malware laden downloads and manually delete certain files:


Note that OnyX in particular is frequently recommended in this forum.


I used to download from MacUpdate, but a couple of years ago, an update I’d downloaded from them was immediately quarantined by ClamXAV as carrying malware. Since then, I go to the MacUpdate website every Saturday to check for updates listed for any of my software, but I then go to the developer’s website and download from there.