Mughthesec is a new version of the OperatorMac family of malware, which has long targeted Mac users. However, Mughthesec has a rare and dangerous combination of features: MAC-address-based anti-VM detection and a valid Apple developer certificate. Because it carries a valid developer certificate, the malware can pass through Apple's Gatekeeper system undetected.
Mughthesec is adware that spreads by installing a legitimate version of the Adobe Flash Player for Mac accompanied by unwanted adware: an app named Advanced Mac Cleaner and two Safari extensions named Safe Finder and Booking.com. Cybersecurity experts believe users become infected by clicking on malicious ads or "pop-ups on shady websites."
The only way infected users can definitively remove both Mughthesec and all its secondary payloads is to completely reinstall their operating system. Catalin Cimpanu, "New Mac Adware Mughthesec Will Cause Serious Headaches," www.bleepingcomputer.com (Aug. 10, 2017).