OSX.LaoShu
Short bio
OSX.LaoShu is Malwarebytes’ detection name for a Trojan that targets macOS systems.
Type and source of infection
OSX.LaoShu is an information stealer that was distributed as a link in email campaigns. The URL in the mail downloaded what looked like a pdf, but was in fact an application. This Trojan is also capable of downloading and installing new software and running shell commands.
Aftermath
Since the stolen data were sent to a C&C server and additional malware may have been installed, users may find addtional malware on their system and should be vigilant concerning abuse of their data in phishing attacks and account take-overs.
Protection
Malwarebytes for Mac detects and removes OSX.LaoShu.
Remediation
Malwarebytes for Mac will detect and remove the components of this malware.
Download and install the latest version of Malwarebytes for Mac.
Click the “Scan Now” button to perform a system scan.
If threats are detected during the scan, a count of detected threats is displayed. More detailed threat information is displayed after the scan completes.
Click “Confirm” to move the detected threats to Quarantaine.
If a restart is required to complete remediation of threats detected during a scan, you will be notified. When a restart is required, please remember to save all work before clicking “Restart”.