OSX.ZuRu is Malwarebytes' detection name for a Trojan dropper that targets MacOS systems.
The disk image file for the trojanized iTerm2 includes a link to the Applications folder with a Chinese name.
Download and install the latest version of Malwarebytes for Mac.
Click the “Scan Now” button to perform a system scan.
If threats are detected during the scan, a count of detected threats is displayed. More detailed threat information is displayed after the scan completes.
Click “Confirm” to move the detected threats to Quarantaine.
If a restart is required to complete remediation of threats detected during a scan, you will be notified. When a restart is required, please remember to save all work before clicking “Restart”.
IPs: 18.104.22.168 22.214.171.124(:443)
Select your language