A newly discovered malware infection targeting macOS devices.
Malwarebytes security researchers say it has the ability of injecting ads into encrypted web traffic.
This malware is call OSX.SearchAwesome, the malware is delivered by a malicious installer that arrives as an app downloaded using a torrent file. The malware installer looks like a disk image file but doesn’t have the usual icon art that is used to make it look legitimate.
When the malware is launched, the image file installs the the payload silently and then it requests the user to authorize changes to the Certificate Trust Settings and to allow a component called spi to modify the network configuration. This will then allow the malware to inject itself to network traffic.