'Mughthesec' at '/Users/_____/Downloads/.com.google.Chrome.UqYVCf'

From my understanding of Mughthesec it is usually hidden as an adobe flash player download that looks legitimate. I would suggest uninstalling all adobe products from the system and reinstalling them from the manufacturers website.

It spreads under the file name player.dmg and will install the flash but also fraudulent programs called "advanced mac cleaner" and two safari extensions called "safe finder" and "booking.com"

Try removing those programs and extensions completely from your computer.

Hope that helps.

Unfortunately with Mugthesec it allows the attacker to drop as many secondary payloads as they want... so sometimes a full system reinstall is recommended if it cant be located. Hope it doesnt come to that. Good luck.

objective-see.com/.../blog_0x20.html

From my understanding of Mughthesec it is usually hidden as an adobe flash player download that looks legitimate. I would suggest uninstalling all adobe products from the system and reinstalling them from the manufacturers website.

It spreads under the file name player.dmg and will install the flash but also fraudulent programs called "advanced mac cleaner" and two safari extensions called "safe finder" and "booking.com"

Try removing those programs and extensions completely from your computer.

Hope that helps.

Unfortunately with Mugthesec it allows the attacker to drop as many secondary payloads as they want... so sometimes a full system reinstall is recommended if it cant be located. Hope it doesnt come to that. Good luck.

objective-see.com/.../blog_0x20.html