I have been told repeatedly on this forum by very loud and rude posters that Mac’s don’t have security issues.
So this, and other recent stories, are false..... :-O
It is. To install something in the booting Startup Items which is a protected Library in OS X and macOS still requires an Administrator Password. It won't happen without the user's stupid complicity. It takes industrial strength stupidity to give a ZIP FILE an administrator's name and password when it unZips. It will be as obvious as all hell that something that should NOT BE ALLOWED is going on.
About the only people I can think of that might be susceptible to this are those who are running as an Administrator and they would STILL have to provide their administrator password, not just click "Yes" when prompted as on the other popular system.
In addition, that screen that comes up looks absolutely NOTHING like a normal Apple update screen. That alone is enough to alert any normally alert Mac user. . . especially since it gives the user no choice in the matter. Apple always gives the user a choice. Pull the plug and then reboot. Find out what's wrong. It's easy to get rid of, simply delete the bogus "AppStore" file from the Startup folder in the Library. Done.
So: