OSX.LamePyre is Malwarebytes' detection name for a Trojan targeting MacOS systems.
OSX.LamePyre uses a generic Automator applet icon, and all that happens when running is that a gear icon appears in the menu bar (as is normal for any Automator script).
OSX.LamePyre is distributed as a malicious copy of Discord, an app for gamers to communicate with other gamers. OSX.LamePyre is an Automator script that decodes and executes a Python payload, then begins repeatedly taking screenshots and uploading them to a command-and-control (C&C) server.
Malwarebytes for Mac detects and removes OSX.LamePyre
Download and install the latest version of Malwarebytes for Mac.
Click the “Scan Now” button to perform a system scan.
If threats are detected during the scan, a count of detected threats is displayed. More detailed threat information is displayed after the scan completes.
Click “Confirm” to move the detected threats to Quarantaine.
If a restart is required to complete remediation of threats detected during a scan, you will be notified. When a restart is required, please remember to save all work before clicking “Restart”.
Select your language