As of last night, I can now say that over the last year, I have had to go to great lengths to extracate the horrible Geneio/InstallerMac malware off of every single Mac in my immediate & extended family (except, thankfully, my own.)
I guess for the basic Mac user, the alerts that InstallerMac puts up look innocuous and even helpful. Nobody remembers how it got installed. It might have been masquerading as an update to Adobe Flash in at least one instance.
Looking at the steps that are required to really remove everything that this malware leaves on your system, it’s clear that this stuff is insidious.
Back in September of 2014, I submitted a bug report (18193924) to Apple begging them to do something about this. No response yet.
Doesn’t it seem like Apple should take this kind of thing seriously? Isn’t that what XProtect is supposed to help us avoid?
If you have a developer account and can get to bugreport.apple.com, why not submit your own bug report?