Users
complaining
on
Apple
‘s official discussion forum about processes that use a lot of CPU have led to the discovery of a new piece of cryptocurrency-mining malware on
macOS
that is based on XMRig,
Malwarebytes
researcher Thomas Reed
writes
.
The open-source
XMRig
Monero miner is widely used for both benign and malicious purposes. It has been
ported
to
Linux
, so its discovery in
macOS
malware is hardly surprising and fits a general trend that sees malicious actors switching to generating themselves a small, but reliable stream of income through mining cryptocurrencies (most commonly Monero) using other people’s resources.
This malware isn’t particularly advanced, Reed writes, and can easily be removed. As threats go, malicious cryptominers pale in comparison to more damaging threats such as ransomware, yet users are rightly concerned about the high CPU usage and the heat and noise that result from it – security software should, and often does, remove it.
At VB2018 in Montreal, Thomas Reed will
present a paper
about a more advanced threat facing
macOS
: a way for malware to hijack legitimate applications and use this as a means to bypass the verification of code signatures. On the subject of cryptominers, his
Malwarebytes
colleague Jérôme Segura will
discuss
the prevalent threat of ‘drive-by mining’.
VB2018
takes place 3-5 October in Montreal, QC, Canada.
Register now
to book your place and join security researchers from around the world. Receive a 10% Early Bird discount by booking before 1 July 2018.
Leave a Reply