Don’t Listen to Anyone Who Tells You to Drag a Text File into Terminal

ByEmily Dolloff

In macOS 15 Sequoia, Apple made it more difficult to bypass Gatekeeper to run apps that aren’t notarized. (Notarization is one of the ways Apple ensures that apps distributed outside the Mac App Store are unmodified and free from malware.) Cybercriminals have responded to this increase in security with a new social engineering attack. They provide the victim with a disk image, ostensibly to install some desired piece of software, instructing the user to drag a text file into Terminal. Doing so executes a malicious script that installs an “infostealer” designed to exfiltrate a wide variety of data from your Mac. The simple advice here is to treat any guidance to drop a file into Terminal with extreme suspicion—no legitimate software or developer will ever ask you to do that.

(Featured image based on an original by iStock.com/Farion_O)

Social Media: Thing #17 to never do: Follow instructions to drop a text file into Terminal. It’s a great way to install malware and let cybercriminals steal your passwords, financial information, and more.

Similar Posts

  • I have been hosting phone bank parties for Bernie Sanders at my house as we head into the first caucuses and primaries. It is fun talking to folks out in Iowa and now New Hampshire to see who they are supporting and to tell them about the Senator from Vermont. I like being involved and feel if you are not involved, informed and voting you do sacrifice your right to complain about the results.

    Thank you for reading this issue of Kibbles & Bytes! We know it is YOU, our loyal customers that ultimately pay our wages and appreciate the support!

    Your Kibbles & Bytes Team,

    _Don, Dean, Emily & Scott_