A new strain of MacOS malware is targeting those who like to discuss their cryptocurrency investing in Slack or Discord groups. It depends on a certain level of naiveté on the part of the victim - a level that resulted in the strain being labeled OSX.Dummy.
The social engineering attack presents a request from a user identifying themselves as an administrator of the group. They ask the victim to run a lengthy command in a terminal window, then ignore the 34 Mbyte file that is downloaded. If the victim does both of these things, they find that their Macintosh has been hijacked by a hacker using a C&C server in the Netherlands.
In a comment supplied to Dark Reading, Ryan Benson, senior threat researcher at Exabeam said, "A lot of otherwise non-technical people have jumped on the cryptocurrency bandwagon and want to get involved. Cryptocurrencies are inherently technical, so these less-technical users may be used to following technical how-tos without really understanding what the commands they run are doing. This puts them in dangerous territory and ripe for an attack like this, even if it is 'dumb.'"