What is a Trojan.MAC.GetShell?
Trojan.MAC.GetShell is a Trojan infection. A trojan (sometimes referred to as a Trojan virus or Trojan horse virus) is malware that stealthily infiltrates users’ computers and performs various malicious tasks. The term ‘Trojan’ originates from a well-known historical event in which Greeks used a decoy to enter the independent city of Troy and win the war. The malware uses the Trojan name, since it employs similar tactics. Users are made to believe that they are downloading a Flash Player update or opening a legitimate email attachment, but in fact they are infecting their computers with malware.
After successful infiltration, trojans usually attempt to gain remote control of vulnerable Mac computers, record users’ Internet browsing behaviour, steal banking details and passwords from users’ keychains (password management systems), and perform other malicious tasks. The main task of a trojan infection is to stay undetected for as long as possible. Therefore, these types of infections are difficult to spot and often go unnoticed.
Here are different types of Trojans distributed by cyber criminals:
- Banking Trojans – Steal banking and other online transaction information. Inject a virtual layer over legitimate banking websites and collect information entered by the user.
- Downloader Trojans – Install additional malware on victims’ computers.
- DDoS Trojans – Infects victims’ computers and apply a botnet that is later used to execute DDoS attacks on selected targets.
- Spy Trojans – These trojans stealthily infiltrate users’ computers and attempt to track various details including, for example, keystrokes, websites visited, screenshots taken, etc. Collected data is then sent to a Trojan command server where cyber criminals can view the information.
This is the appearance of a fake Flash Player installer that distributes Trojans:
Indications of a trojan infection can be reduced Mac performance and strange behaviour when browsing the Internet. For example, when visiting banking portals, banking Trojans inject a virtual layer over legitimate websites to capture login details.
How did Trojan.MAC.GetShell install on my Mac?
Trojan infections are not as widely proliferated on Mac computers as those running the Windows operating system. Most commonly, Trojans are distributed using infected email attachments and fake downloads. Users are tricked into opening a seemingly harmless CV, invoice, or other document attached to a (supposedly legitimate) email. Rather than receiving the required file, however, they inadvertently infect their systems with malware. Another Trojan distribution source is fake downloads. For example, rather than installing a Flash Player update, Mac users inadvertently infect their computers with a Trojan.
How to avoid getting your Mac infected by Trojans?
To remain safe when browsing the Internet, never trust websites that demand you update Flash Player. If you do wish to update it, the only safe source is the official Adobe website. Do not download software cracks or various keygens (key generators). Visiting Torrent websites also poses a high risk of infection.
Automatic Trojan.MAC.GetShell removal:
Manual trojan removal can be a lengthy and risky process. This type of malware is specifically designed to avoid detection and hide within systems. Combo Cleaner is award-winning Mac antivirus software that can detect and remove Trojan.MAC.GetShell automatically. Click the button below to download Combo Cleaner:
Download Combo Cleaner Now
Free Scanner checks if your computer is infected. To remove threats, you have to purchase the full version of Combo Cleaner
Manual Trojan.MAC.GetShell removal:
1. Open you Launchpad, select “Other“, in the opened list select “Activity Monitor“.
2. In Activity Monitor look for any suspicious process name, when located double click on it.
3. In the opened window click the “Sample” button. This will open an additional window where you will see a line starting with “Path:” Select the path of the suspicious process (select the path, then right click your mouse over the selection and click “copy”).
4. Click on any blank space on your desktop, then select “Go” from the top menu. From the “Go” menu select “Go to Folder…“, in the opened window paste the path of the suspicious process you copied previously.
5. From the opened folder: drag and drop the file of the suspicious process to your trash can.
Optional steps using EtreCheck:
1. Download EtreCheck (a free application that lists unsigned application files, indicates about adware infections, etc).
2. Launch EtreCheck, select “Other problem” (or any other suggestion from the list) and click on “Start EtreCheck“.
3. Select the Security Tab on the left side and check the list of detected items, if you find suspicious files, click on “Remove” button next to them.
4. Select the Network Tab on the left, look for suspicious processes by network usage.
5. Select Performance Tab, look for processes consuming a lot of CPU, this could indicate a crypto currency mining Trojan infection. If located click on “Reveal in Finder“, then select the suspicious file and drag and drop it to your trash can.