New MacOS malware Cleanup-My Mac busted

Again PCVark changed their application to avoid detection to trick macOS users to download their app that was found spreading popups and adware.

The application is being installed using a deceiving technique. A fake Apple clone web site is presented to the end-user, telling him that the Mac is infected with x number of viruses and immediate action must be taken.

Because of the phishing spreading technique and deceiving information presented to the end user inside the application, we raised the level of detection from adware to malware.
CyberByte Antivirus is detecting this malware as Malware.MacOS.CMM

Indicators of infection:
~/Library/Application Support/Cleanup-My Mac
~/Library/Application Support/chpmc

Certificate information:
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20200 size=12800 flags=0x0(none) hashes=392+5 location=embedded
Signature size=4697
Authority=Developer ID Application: Bimal Sharma (WQZ6U6WDNS)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Signed Time=Mar 28, 2019 at 6:10:08 AM
Info.plist entries=27
Sealed Resources version=2 rules=13 files=562
Internal requirements count=1 size=224

VirusTotal Detection rate 1/57

CyberByte™ Antivirus for Mac is now ready to remove and protect your Mac against this adware.
Get your CyberByte™ Antivirus copy from
CyberByte™ – part of CSD Cyber Smart Defence group of companies
Your Safety is Our Mission!