macOS Momentum App 2.4.20 Malware report. What next?

There are no known Windows-like Viruses in the wild that self replicate and affect macOS, because of the underling UNIX  Foundation and Permission Limitation. 

The The Built in Security  is all that is required to protect the computer.

Are there any AntiVirus, Disk Cleaner, Optimizers, Un-installers, etc installed which should be removed as per Developers Instructions. They are useless, unneeded, cause havoc and interfere with the normal operation of the OS and may even Corrupt the OS requiring a Reinstallation. 

Since one appears to believe, because an Application is offered on the Apple Apps Store it automatically mean the Application is safe to use.

That is a total fallacy.

By example only, a disk Cleaner Application call "CleanMyMac" is also offered on the Apple Apps Store .

On these ASC Forums, it is known to be destructive and harmful application that should also, like the AV Software under discussion, be remove as per the Developers Instructions.

A testament of CMM on the First 600 posting - https://discussions.apple.com/search?q=cleanmymac

A testament to Intego AV software https://discussions.apple.com/search?q=Intego%20VirusBarrier%20Scanner%20&page=1&content=filterDiscussions

robertdownunder wrote:

Glad to be a source of humour for etresoft, even if it is at my expense.

What? You setup the joke and then complain when I deliver the punchline?

Iiiasss has provided a link about this malware which was first detected by Intego VirusBarrier.

There were two links. The first link was an ad for the SpyHunter antivirus tool. The second was an ad for Intego.

Intego produced the virus software that I downloaded from the App Store.

The Mac App Store has a lot of problems. I'm not denying any of those. But notably, it does not have a malware problem. Obviously that is a false positive.

Normally, I don't automatically recommend that people uninstall antivirus apps. Apple's operating systems contain built-in protection against malware. However, Apple always allows the end user to override these protections. That's where the problem comes in. Apple only protects the system against malware. Users who find themselves repeatedly being tricked into installing malware may benefit from 3rd party antivirus apps that protect the system against the user.

I only recommend uninstalling antivirus apps when they are obviously causing some problem and/or aren't working. Clearly this is a false positive. Your legitimate Mac App Store app is not malware. You said the Momentum app was a Mac App Store app. The icon in your screen shot matches the app's page on the Mac App Store. Perhaps your antivirus is confusing this app with the Momentum botnet or perhaps the Momentum usenet client, which has been associated with some malicious activity. You might assume that antivirus scanners are somehow more sophisticated that just looking for a string like "momentum" in the executable. I can tell you from direct, personal experience that they are not.

So, since you were confused about the false positive and came here asking for help, I consider that causing a problem. So I suggested the best solution. Ironically enough, my solution is even better than I thought originally. Apparently, you are also using the version of Intego downloaded from the Mac App Store. The technical limitations that Apple imposes on all Mac App Store apps makes antivirus functionality impossible. A Mac App Store app cannot even see the entire disk. Those few places it can access, it can't modify. So how is it supposed to protect you?

What I do not understand is why Apple place antivirus software in their App Store - where I downloaded it. Apple have not given such a clear indication themselves about the utility or not of antivirus software. At least not in the last 13 years that I have been looking. I shall have to try and engage Apple over this issue.

It isn't a question of utility, but of lawyers. Mac App Store apps aren't going to do any harm. The worst they can do is scam you into some subscription, which you can easily cancel when you realize you've been had. But Apple does allow major antivirus vendors to have products in the store as a form of advertisement.

OSX/Adload is malware that can get your browser to go to specific site. I would delete it

https://sensorstechforum.com/adload-mac/

https://zlid.net/2021/08/26/osx-adload-mac-malware-apple-missed-for-many-months/

I also would uninstall your virus scanner, it is unnecessary

No company is going to tell you that AV software is unnecessary. If one got through at some point in the future then they'd be sued. So, they say nothing. You want to install it, off you go. Why do they sell it? Because there's a 30% portion of the price goes to them. You think Walmart "approve" of everything they sell?

Can not speak directly to why Apple does or does not placing any type of warning on this or any other Application in the Apple Apps Store.

IMHO - The most important is Due Diligence on the part of the User, that is " just common sense ".

As stated early " There are no known Windows-like Viruses in the wild that self replicate and affect macOS, because of the underling UNIX  Foundation and Permission Limitation.  "

In effect - a Non Existent issue on macOS and paying AU Dollars is money down the rabbit hole with zero return except software issues and empty pockets.

Unfortunately, Apple cannot 100% guarantee ... well, anything. There will always be exceptions.

Is it now the case, and always has been, for a user to be aware of everything he/she does and the consequences of any and all actions.

Apple does far better than many, especially compared to its main contender for desktop computer systems. But, you can always achieve 100% security (or nearly so) if you really want it, but that will pretty much take away freedoms you enjoy. It's on the user to decide what mix of security and freedom is acceptable.

One way to achieve security approaching 100% is to never use the internet. Millions of us did it for decades; you can too.

Given the need for security updates macOS is future-proofed from being sued unless they knowingly with-held an update.

See? This is why Apple don't need a legal department. There's loads of free legal advice on the internet

It is a commendable effort plus time and " limit to one's resources " put this together.

Though, if one were to use the same amount of effect to research the Application, in question , before installing it - the computer may not have reached this compromised state.

All the information on this specific application is readily available and requires very little effort, on the user part, to uncover it.

robertdownunder wrote:

I am happy to delete everything recommended.

Excellent!

Delete your virus scanner.

I thought this topic was closed.

I thought this topic was closed.

You also think your “anti-virus” app isn’t lying to you and provides a useful function.