How to remove ObjCShellz from your computer

Also Known As: ObjCShellz backdoor
Type: Mac Virus
Damage level: Severe

What kind of malware is ObjCShellz?

ObjCShellz is a newly discovered macOS malware associated with the BlueNorOff hacking group. This malware is specifically designed to target macOS devices. What sets ObjCShellz apart is its capability to open remote shells on compromised macOS systems, enabling unauthorized access and control over infected devices.

ObjCShellz macOS malware

ObjCShellz overview

The primary purpose of ObjCShellz is to serve as a backdoor, providing attackers with the means to execute commands on both Intel and Arm-based Macs. While it may be relatively simple in design, its functionality is robust, making it a valuable tool for cybercriminals.

The malware is believed to be employed in the late stages of multi-stage attacks and is distributed using undetermined initial access vectors. The potential damage posed by ObjCShellz is substantial. Once a macOS system is compromised, the malware allows attackers to manipulate the infected device, potentially resulting in data theft, unauthorized access, and the execution of malicious commands.

Its association with the BlueNorOff group, known for financially motivated attacks, underscores the risk it poses to the security and financial interests of its victims. BlueNorOff is recognized for its focus on targeting cryptocurrency exchanges and financial organizations worldwide.

It is crucial to understand the risks associated with this malware and to implement robust security measures to defend against potential attacks and mitigate the financial and security implications it may bring to victims.

Threat Summary:
Name ObjCShellz backdoor
Threat Type Backdoor Malware
Detection Names Arcabit (Trojan.MAC.Lazarus.T [many]), Combo Cleaner (Trojan.MAC.Lazarus.T), ESET-NOD32 (A Variant Of OSX/NukeSped.AF), MAX (Malware (ai Score=87)), Trellix (Trojan.MAC.Lazarus.T), Full List (VirusTotal)
Symptoms Malware like ObjCShellz is often designed to stealthily infiltrate the victim's computer and remain silent, and thus no particular symptoms are clearly visible on an infected machine.
Distribution methods Infected email attachments, malicious online advertisements, social engineering, software 'cracks'.
Damage Stolen passwords and banking information, identity theft, additional infections, monetary loss, or other issues.
Malware Removal (Mac)

To eliminate possible malware infections, scan your Mac with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
▼ Download Combo Cleaner for Mac
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.


In conclusion, ObjCShellz, the macOS malware associated with the financially motivated BlueNorOff hacking group, represents a significant and evolving threat to individual users and organizations. As this malware continues to evolve and adapt, it highlights the ever-increasing need for robust cybersecurity measures, user awareness, and proactive defense strategies.

More examples of malware targeting macOS users are KandyKorn, MetaStealer, and XLoader.

How did malicious applications install on my computer?

Cybercriminals can employ various tactics to distribute ObjCShellz and infiltrate macOS systems. Common distribution methods include phishing campaigns, where attackers send convincing but malicious emails that trick recipients into opening infected attachments or clicking on harmful links.

By exploiting social engineering techniques, these attackers often impersonate trusted entities, luring victims into unwittingly executing the malware. Additionally, malicious downloads from compromised or counterfeit websites can serve as entry points for ObjCShellz.

Cybercriminals may create deceptive web pages offering seemingly legitimate software or content downloads to entice users into downloading and executing the malware. Furthermore, malware can be spread through exploit kits, leveraging software vulnerabilities to infiltrate devices.

How to avoid installation of malicious applications?

To protect their computers from threats like ObjCShellz and other malware, users should adopt a multifaceted security approach. First and foremost, keeping operating systems and software up to date is crucial, as these updates often contain patches for known vulnerabilities that cybercriminals can exploit.

Employing reliable antivirus or anti-malware solutions and ensuring they are regularly updated is equally essential to provide an added layer of defense against threats. In addition, user awareness is vital. Avoiding suspicious email attachments and refraining from clicking on unfamiliar links can prevent malware infiltration through phishing campaigns.

Be cautious when downloading software or files, sticking to trusted sources, and avoiding potentially compromised websites. If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for macOS to automatically eliminate all threats.

Instant automatic Mac malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of Mac malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner for Mac By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

Video showing how to remove adware and browser hijackers from a Mac computer:

Unwanted applications removal:

Remove potentially unwanted applications from your "Applications" folder:

Manual removal of malicious Mac applications

Click the Finder icon. In the Finder window, select "Applications". In the applications folder, look for "MPlayerX","NicePlayer", or other suspicious applications and drag them to the Trash. After removing the potentially unwanted application(s) that cause online ads, scan your Mac for any remaining unwanted components.

Frequently Asked Questions (FAQ)

My computer is infected with ObjCShellz malware, should I format my storage device to get rid of it?

Formatting your storage device should be viewed as an extreme measure and should only be contemplated as a final option. Prior to taking such action, it is advisable to attempt using trusted security software, such as Combo Cleaner, to perform a scan and eliminate the ObjCShellz malware.

What are the biggest issues that malware can cause?

Malware can cause severe problems, including data theft, financial loss, loss of access to online accounts, system disruptions, and the facilitation of cyberattacks, making it a major cybersecurity issue.

What is the purpose of ObjCShellz malware?

The primary purpose of ObjCShellz malware is to serve as a robust backdoor, enabling cybercriminals to execute commands on both Intel and Arm-based Macs. Once a Mac system is compromised, ObjCShellz allows attackers to manipulate the infected device, potentially resulting in data theft, unauthorized access, and the execution of malicious commands.

How did a malware infiltrate my computer?

Common entry points include malicious email attachments or links, where clicking on an infected file or URL can introduce malware onto your system. Visiting compromised or malicious websites, downloading pirated software or files from untrustworthy sources, and using infected external storage devices can also expose your computer to malware. Additionally, outdated operating systems and software can have vulnerabilities that malware exploits to gain access.

Will Combo Cleaner protect me from malware?

Combo Cleaner has the capability to find and remove nearly all malware infections. It is important to note that advanced malware often conceals itself deep within the system. Consequently, a complete system scan is crucial for effective detection and removal.

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Removal Instructions in other languages
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

QR Code
ObjCShellz backdoor QR code
Scan this QR code to have an easy access removal guide of ObjCShellz backdoor on your mobile device.
We Recommend:

Get rid of Mac malware infections today:

Download Combo Cleaner for Mac

Platform: macOS

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.