Malware, tea.app (AtomicStealer)
Ryan Carsten Schmidt
ryandesign at macports.org
Thu Apr 10 19:17:36 UTC 2025
On Apr 10, 2025, at 13:21, Forrest Aldrich wrote:
> My malware checker has identified potential malware (AtomicStealer) distributed from MacPorts. I'd like to confirm with the community what else is known:
>
>
> /Applications/MacPorts/tea.app
> ➜ /Applications cd MacPorts
I know that tea is a text editor.
https://ports.macports.org/port/tea
I am not aware of it containing malware.
As far as I know, Atomic Stealer is distributed by tricking a user into downloading and installing what looks like a browser update or a cracked commercial application. It seems unlikely that it would appear in an esoteric open source text editor so my initial assumption is that this is a false positive from your malware checker.
What is your malware checker? Have you contacted its developer?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-users/attachments/20250410/1361bbbd/attachment.htm>
More information about the macports-users
mailing list