
Beware of the Malicious Mac Monero Miner

Malicious cryptocurrency mining tools have become a big problem over the past few months. In most cases, this malware only affects Windows users, although some Linux variants exist as well. It seems a stealthy Macintosh cryptominer has been utilizing the XMRig source code to mine Monero on behalf of criminals.

A Malicious Mac Cryptominer Appears

For the most part, users of the Macintosh operating system have been safe from malware and cryptocurrency miners. While that is still the case today, it does appear things are changing rapidly, and not for the better. In fact, a cryptominer affecting the Macintosh platform was discovered earlier this week.

As it happens, this malware doesn’t necessarily pose much of a problem. That’s because it is possible to remove this malicious cryptominer with relative ease. Moreover, the tool itself isn’t extremely sophisticated, although it indicates macOS is a platform of increasing interest to criminals looking to exploit the cryptocurrency ecosystem.

It appears the mshelper process on Macintosh is the one to watch out for. This particular process, combined with a few other suspicious elements, causes Mac users to experience decreased CPU performance while the processes are active. It is a bit unclear how much of one’s processing power this malware uses, although it seems safe to say it’s anywhere from 30% to 70%. Cryptominers tend to squeeze out every bit of infected computers’ resources to maximize the criminals’ earnings.
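A triage check for the indicator named above, as an added example that is not from the original article or any vendor tooling: it filters `ps` output for an executable whose basename is exactly `mshelper` and marks whether its CPU share reaches the 30% lower bound the article cites. The sample process list and every path in it are constructed.

```shell
#!/bin/sh
# Added example: triage process listings for the process name this article reports.

# Constructed sample in the format of `ps -axo pid=,pcpu=,comm=` (not real data).
sample_ps() {
cat <<'EOF'
  101   0.3 /usr/sbin/cfprefsd
  412  64.8 /Users/Shared/Constructed Dir/mshelper
  433  71.0 /Applications/Xcode.app/Contents/MacOS/Xcode
  520   2.1 /usr/local/bin/mshelper-docs
  777  12.5 mshelper
EOF
}

# Reads ps lines on stdin and prints "pid cpu verdict path" for every process
# whose executable basename is exactly $1 (default: mshelper).
# CPU at or above $2 (default: 30, the article's lower bound) is marked "busy".
# Matching on the exact basename avoids flagging look-alikes such as
# "mshelper-docs", and high CPU alone (e.g. a compiler) is never flagged.
flag_process() {
  awk -v name="${1:-mshelper}" -v min="${2:-30}" '
    {
      pid = $1; cpu = $2
      # The command path may contain spaces, so strip only the first two fields.
      path = $0
      sub(/^[ \t]*[0-9]+[ \t]+[0-9.]+[ \t]+/, "", path)
      n = split(path, parts, "/")
      if (parts[n] == name) {
        verdict = (cpu + 0 >= min + 0) ? "busy" : "idle"
        printf "%s %s %s %s\n", pid, cpu, verdict, path
      }
    }'
}

# Run against the constructed sample.
# On a Mac, the live equivalent is: ps -axo pid=,pcpu=,comm= | flag_process mshelper 30
sample_ps | flag_process mshelper 30
```

A hit on the name is a lead rather than proof, since a process name is trivial to change; the reported path is the next thing to inspect.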

The biggest concern when malware like this one is discovered is how it is distributed. In this case, there is a dropper involved, although it remains a bit unclear which method of distribution is being used. This makes it a bit difficult for security researchers to look into the matter and shut it down.

As with a lot of cryptocurrency mining-related malware, the main purpose of these criminals is to obtain the Monero cryptocurrency. It is one of the few currencies which can still be mined without dedicated ASIC hardware, and most XMR miners simply use their device’s CPU to do so. This has attracted the attention of criminals, who will infect computers in order to use other people’s CPU cycles to mine Monero.

Whether or not this means there will be more Mac-oriented malware in the future remains to be seen. The miner itself uses the XMRig open-source library, which has become a favorite tool for criminals looking to mine Monero using malicious methods. For the time being, criminals will continue to target the cryptocurrency industry in any way they see fit.
