Remove adobe creative cloud for one user and not the other user on a mac

broken image
broken image

We also found out that the malware connects to hxxps:///jj9a, which contains an encrypted Python script that checks if Little Snitch - a host-based application firewall for macOS - is running.

This is the original Adobe Zii.app used to camouflage its malicious background activities. The contents are then extracted and executed in the system. While running a copy of Adobe Zii.app, we observed that it downloads sample.app from hxxp://46226108171:80/sample.zip and saves it to the user directory ~/.

 

PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save