Comment by a022311

I agree, it's very valuable in these situations, although it can only minimize damage. For Littlesnitch/OpenSnitch users: avoid allow rules that apply to all apps. Malware can and has used even trusted websites like Github Gists to expose secrets extracted.

In any case, even if your firewall protects you, you'll still have to treat the machine as compromised.