As of last night, I can now say that over the last year, I have had to go to great lengths to extracate the horrible Geneio/InstallerMac malware off of every single Mac in my immediate & extended family (except, thankfully, my own.)
I guess for the basic Mac user, the alerts that InstallerMac puts up look innocuous and even helpful. Nobody remembers how it got installed. It might have been masquerading as an update to Adobe Flash in at least one instance.
Back in September of 2014, I submitted a bug report (18193924) to Apple begging them to do something about this. No response yet.
Doesn’t it seem like Apple should take this kind of thing seriously? Isn’t that what XProtect is supposed to help us avoid?
If you have a developer account and can get to bugreport.apple.com, why not submit your own bug report?