Bozer76 Posted May 28 ID:1639317 Share Posted May 28 MacOS Sonoma 14.5 (23F79) user. I fear I may have accidentally downloaded phishing malware from this URL: httpx://meetone.gg/ (made the URL unclickable) My Avast Premium app said "Threat secured - We've put sleeve in Quarantine because it was infected with malware: MacOS:Stealer-AB [Trj] and MacOS:Stealer-AE [Trj]." Here is what happened in detail: 1/ I downloaded the file 2/ I double-clicked on the container 3/ I asked Avast Premium to scan the Meetone App 4/ It gave me the above warning. I believe but am not 100% sure if I ever actually launched the app. 5/ Another window suddenly opened asking me to put in my password "to grant access to system preferences". Smelly af. 6/ Of course I did not touch the window, but I could also not close the window. Tried all sorts of ways. 7/ Then I did a restart, and it was gone. Then, I researched more and heard I should check out Malwarebytes! I did a first scan with Malwarebytes, but it could not find anything (score of 100). Questions: A/ Now, is there any experience with this specific Stealer-AB? B/ As I did not enter the password, is there a chance that I am still sort of in the clear? What would be the safest way? Thanks in advance! If Malwarebytes can help me get rid of this malware, I will instantly sign up for two years! Link to post Share on other sites More sharing options...
David H. Lipman Posted May 28 ID:1639325 Share Posted May 28 RE: MacOS:Stealer Link to post Share on other sites More sharing options...
David H. Lipman Posted May 28 ID:1639334 Share Posted May 28 Did you receive a spam'd message, SMS or Email, to visit, download and run this software? If yes, was there a Meeting Code, Conference Code or Key in the enticement? Link to post Share on other sites More sharing options...
Bozer76 Posted May 29 Author ID:1639471 Share Posted May 29 Morning David (am in Hong Kong), yes, will DM you. 1 Link to post Share on other sites More sharing options...
Staff Solution ElPiedra Posted June 1 Staff Solution ID:1640235 Share Posted June 1 Hi @Bozer76, What you downloaded is a Stealer malware disguised as an app called Meetone.App. It tries to steal your data if you enter your system password. Since you didn't enter the password and restarted, you should be safe after deleting Meetone.App. Let me know if you have any more questions. 1 Link to post Share on other sites More sharing options...
Bozer76 Posted June 2 Author ID:1640475 Share Posted June 2 Hi Marcelo, Thanks for your input - that is fantastic to hear because I 100% positively did not enter the password! What a relief - I will now delete the file of these scamming loosers. Thanks again 🙏 1 Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now