New Variant of Chinese Gimmick Malware Targeting macOS Users

Discussion in 'all things Mac' started by Rasheed187, Apr 3, 2022.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    18,178
    Location:
    The Netherlands
    Seems to be a sophisticated attack on certain targeted macOS users. And XProtect couldn't block it, but it's also not sure how it was delivered, I'm guessing either via email attachment or browser exploit.

    https://thehackernews.com/2022/03/new-variant-of-chinese-gimmick-malware.html
     
  2. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    2,313
    Location:
    .
    Hello @Rasheed187

    Prior to the 17-March-2022 update to the macOS XProtect antivirus technology, the above was most likely to have been true.

    My takeaway, from a similar news story, is that Apple's macOS XProtect update to 2158 last month serves to defend Mac users from macOS.Gimmick (Chinese spyware). Unfortunately, Apple does not ordinarily release XProtect/MRT update details.

    Although that Chinese spyware is said to have targeted victims in Asia, it was not made clear if all the Google One - Cloud Storage accounts, used by that spyware, were entirely closed & deleted. One can always hope.

    https://appleinsider.com/articles/22/03/23/sophisticated-gimmick-malware-found-custom-made-for-macos

    Thank you always for the news story!
     
  3. Rasheed187

    Rasheed187 Registered Member

    No, correct, protection against this malware has been added. But my point is that you can't blindly rely on XProtect. Because I get this impression that it's not as advanced as Windows Defender, most likely because there is so little malware available for macOS. I personally would love to see more advanced behavior blocking on macOS, for example a tool like SpyShelter. But the market simply isn't big enough and I'm also not sure if macOS provides the APIs to developers in order to build advanced anti-malware tools like behavior blocking and anti-exploit.
     
  4. 1PW

    1PW Registered Member

    Hello @Rasheed187

    I strongly do agree with your statement.

    Thank you!
     