It seems as if there are a couple of possibilities for the source of /usr/bin/open:
-
If you are using Ventura, then it could have been installed as part of the OS (maybe 13.2.1, although there are conflicting reports)
-
It is part of LogMeIn – part of Citrix Online, if you installed that. Citrix are a legit company, but they do tend to fill your hard disk with cr*p
[Loaded] com.adobe.ccxprocess.plist (Adobe Inc. - installed 2023-02-14) Command: /usr/bin/open -a '/Applications/Utilities/Adobe Creative Cloud Experience/CCXProcess/CCXProcess.app' -
It is part of Adobe Creative Cloud Experience, if you installed that
[Loaded] com.adobe.ccxprocess.plist (Adobe Inc. - installed 2023-02-14) Command: /usr/bin/open -a '/Applications/Utilities/Adobe Creative Cloud Experience/CCXProcess/CCXProcess.app'The relation to Adobe Creative Cloud Experience (via
com.adobe.ccxprocess.plist) is also reiterated in the “best answer” in this link, I found an app called “Open” in the list of login items – can anyone identify what it is?
Source: usr/bin/open what is it? is it safe?
Note that the command line outputs were (apparently) created using a (seemingly useful) diagnostic tool called Etrecheck – I quoted the outputs from the link above – see Using EtreCheck for more information. I have never used this software though, so I can’t (personally) vouch for its reliability/authenticity, although it seems legit.
You can find out more about open from the man page, by typing man open. As Marc Wilson has kindly pointed out, open has been around since the dawn of OS X, and prior.
Indeed, the bottom of the man page states the following:
HISTORY
First appeared in NextStep.
So, in short, it is nothing to worry about.
FWIW, This question has also been asked over on SuperUser, Suspicious script meddling with /usr/bin/open.