On Apr 10, 2025, at 13:21, Forrest Aldrich wrote: > My malware checker has identified potential malware (AtomicStealer) > distributed from MacPorts. I'd like to confirm with the community what else > is known: > > > /Applications/MacPorts/tea.app > ➜ /Applications cd MacPorts
I know that tea is a text editor. https://ports.macports.org/port/tea I am not aware of it containing malware. As far as I know, Atomic Stealer is distributed by tricking a user into downloading and installing what looks like a browser update or a cracked commercial application. It seems unlikely that it would appear in an esoteric open source text editor so my initial assumption is that this is a false positive from your malware checker. What is your malware checker? Have you contacted its developer?
