Downloaded a suspicious app. Please help

I use a mac and I downloaded typerdex(.)org’s app. Came across the app thru someone on threads and they guided me to download and install the app but it wasn’t the usual way of installing.

After opening the dmg file it said to move it to terminal and when I did that and press enter it asked me to enter my mac’s password, I did that and that was it. I don’t see any app installed. I’m scared that there might be something running in the background that I’m not aware of. The person who guided me has blocked me so clearly there’s something going on. Is there any way I could find out if this is a virus or something and if so, how can I get rid of it?

Appreciate the help!

MacBook Pro 16″, macOS 15.3

Posted on Mar 27, 2025 4:53 PM

Top-ranking reply

MrHoffman

Level 10

153,861 points

Posted on Mar 27, 2025 8:46 PM

The hidden file in /tmp, and the obfuscated shell script, both look very sketchy.

The Windows version also looks sketchy: https://www.joesandbox.com/analysis/1633305/0/html

More: https://securityonline.info/crazy-evil-cryptoscam-group-steals-millions-from-crypto-enthusiasts/

If that’s representative of what was installed, I’d wipe the Mac and start over without restoring.

And I wouldn't entirely trust even documente to be entirely unmodified. Microsoft Word macros and executable PDF files do exist.

It probably won’t be on the iPhone, but it may well have accessed backups of the iPhone, or your keychain contents. Which means a password rotation for everything that matters, two-factor authentication if not already, and related steps.

View in context

18 replies

Swiftslinger Author

Level 1

4 points

Mar 27, 2025 8:29 PM in response to g_wolfman

Thank you!

Also, I did connect my phone to the Mac to charge and stuff. Is there a chance for the malware to be transferred to the phone?

g_wolfman

Level 4

3,502 points

Mar 27, 2025 8:34 PM in response to Swiftslinger

Unlikely - you don't even have administrator privileges over an iPhone for the most part.

Swiftslinger Author

Level 1

4 points

Mar 27, 2025 8:51 PM in response to MrHoffman

Oh Noo :(

Even images aren’t safe?

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Downloaded a suspicious app. Please help