Wow, grabbing a base64 obfuscated URL with curl sending the output to bash is a huge red flag. I guess Mac users must not know anything about the CLI.
Never pipe the output of curl or wget to bash. You can’t inspect whatever it downloads before it gets run. If the URL is obfuscated, there is basically a 100% chance that it’s malicious.
If you know what curl is, you’re not the target audience.
The people this is targeting don’t even know what ‘CLI’ stands for, but they absolutely will copy/paste random commands into their computer if they’re told it’ll magically fix something.
Wow, grabbing a base64 obfuscated URL with curl sending the output to bash is a huge red flag. I guess Mac users must not know anything about the CLI.
Never pipe the output of curl or wget to bash. You can’t inspect whatever it downloads before it gets run. If the URL is obfuscated, there is basically a 100% chance that it’s malicious.
If you know what curl is, you’re not the target audience.
The people this is targeting don’t even know what ‘CLI’ stands for, but they absolutely will copy/paste random commands into their computer if they’re told it’ll magically fix something.