Home / Crypto Currency / Beware of the Malicious Mac Monero Miner

Beware of the Malicious Mac Monero Miner

Malicious cryptocurrency mining tools have become a big problem over the past few months. In most cases, this malware only affects Windows users, although some Linux variants exist as well. It seems a stealthy Macintosh cryptominer has been utilizing the XMRig source code to mine Monero on behalf of criminals.

A Malicious Mac Cryptominer Appears

For the most part, users of the Macintosh operating system have been safe from harm in regards to malware and cryptocurrency miners. While that is still the case today, it does appear things are changing rapidly, and not for the better. In fact, a cryptominer affecting the Macintosh platform was discovered earlier this week.

As it happens, this malware doesn’t necessarily pose much of a problem. That’s because it is possible to remove this malicious cryptominer with relative ease. Moreover, the tool itself isn’t extremely sophisticated, although it indicates MacOS is a platform of increasing interest to criminals looking to exploit the cryptocurrency ecosystem.

It appears the mshelper process on Macintosh is the one to watch out for. This particular process, combined with a few other suspicious elements, cause Mac users to experience decreased CPU performance while the processes are active. It is a bit unclear how much of one’s processing power this malware uses, although it seems safe to say it’s anywhere from 30% to 70%. Cryptominers tend to squeeze out every bit of infected computers’ resources to maximize the criminals’ earnings.

The biggest concern when malware like this one is discovered is how it is distributed. In this case, there is a dropper involved, although it remains a bit unclear which method of distribution is being used. This makes it a bit difficult for security researchers to look into the matter and shut it down.

As with a lot of cryptocurrency mining-related malware, the main purpose of these criminals is to obtain the Monero cryptocurrency. It is one of the few currencies which can still be mined without dedicated ASIC hardware, and most XMR miners simply use their device’s CPU to do so. This has attracted the attention of criminals, who will infect computers in order to use other people’s CPU cycles to mine Monero.

Whether or not this means there will be more Mac-oriented malware in the future remains to be seen. The miner itself uses the XMRig open source library, which has become a favorite tool for criminals looking to mine Monero using malicious methods. For the time being, criminals will continue to target the cryptocurrency industry in any way they see fit.

Read more

Check Also

FBI: “Call of Duty” Players Remotely Stole $3.3 Million in Cryptocurrencies

A group of “Call of Duty” players from Indiana are accused of stealing more than $3 million in cryptocurrencies after coercing an Illinois man to aid them in remotely hacking unsecured crypto wallets on more than 100 cell phones. Man Coerced Into Hack After SWATing Incident The episode began in Bloomington, Illinois, where a local man told the FBI he met the members of the would-be group of cybercriminals online playing Call of Duty. In the simulated warfare game, players are able to communicate with each other in real-time and with relative privacy. The group, based out of Dolton, Indiana, allegedly coerced the man from Bloomington into working for them using an intimidation tactic called “SWATing,” a nefarious, illegal, and dangerous phenomenon that has become increasingly popular in online gaming communities. SWATing is when police are called with a false report of a violent crime at someone’s home, which prompts a response from a SWAT team — oftentimes leading to door breaches, gunfire, and even the accidental deaths of unknowing victims. It’s often used as a decidedly dark method of payback, or, as in this case, to intimidate or threaten an individual. Afraid of further retaliation the man succumbed to the hacker’s requests, to which they handed over names, phone numbers, and other information that permitted him to remotely access the cell phones of their victims. According to the FBI affidavit, the man admitted to taking over the cell phones of more than 100 people. Once the group took over a phone, they were able to hack into a victim’s cryptocurrency account and drain their funds. The group is suspected of stealing at least $3.3 million in various cryptocurrency, including about $805,000 in Augur’s Reputation Tokens, according to the FBI. The suspects then allegedly moved stolen tokens through cryptocurrency networks, such as Ether or Bitcoin, to their own digital wallets. As of yet, the Chicago Sun-Times isn’t naming the suspects identified in the affidavit because they don’t appear to have been charged with any crimes. In an online interview the Bloomington man proclaimed his innocence — even going as far as to say that considers himself a victim: “I have done nothing but cooperate with Augur and the FBI,” he said. “I have never once profited from anyone [by] crypto-hacking, ever.” Crypto Thefts in First Half of 2018 Total Over $1.1 Billion According to recent study from cybersecurity firm Carbon Black, the total amount of cryptocurrency that has been stolen through cybercrime this year alone is over $1.1 billion — primarily through ransomware and exchange hacks. The firm’s report claims that many criminals are using the dark web to appropriate cryptocurrency from their victims, estimating that there are over 12,000 marketplaces with almost three times that number of crypto theft listings between them. Rick McElroy, security strategist at Carbon Black, spoke on the trend, noting how easy it is for cybercriminals to operate these days: “It’s surprising just how easy it is without any tech skill to commit cybercrimes like ransomware… It’s not always these large nefarious groups, it’s in anybody’s hands.” Part of the reason for this is the accessibility and user-friendliness of the tools of the trade. McElroy said that certain pieces of malware even come with customer service to aid would-be cybercriminals, adding that the malicious software costs an average of $224 but can be picked up for as little as $1.04. Many of the attacks against crypto users, companies, and exchanges originate from an organized group of criminals like those out of Indiana, however, McElroy says, they’re just as likely to be the product of a trained engineer who is out of work: “You have nations that are teaching coding, but there’s no jobs… It could just be two people in Romania needing to pay rent.” Image from Shutterstock The post FBI: “Call of Duty” Players Remotely Stole $3.3 Million in Cryptocurrencies appeared first on NewsBTC.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Disclaimer: Trading in bitcoins or other digital currencies carries a high level of risk and can result in the total loss of the invested capital. theonlinetech.org does not provide investment advice, but only reflects its own opinion. Please ensure that if you trade or invest in bitcoins or other digital currencies (for example, investing in cloud mining services) you fully understand the risks involved! Please also note that some external links are affiliate links.