In the last week of May, researchers announced a new Mac-based cryptojacking attack on Apple’s forums. The malware deceived users into unintentionally running software that mines the privacy coin Monero, which is the most preferred cryptocurrency for hackers.
The mysterious attack came to light when a user accidentally discovered that a process called “mshelper” was consuming large amounts of central processing unit (CPU) power and, in the process, was overheating the cooling fans. The user also reported that mshelper kept appearing in the CPU section, and the threat report generated by Activity Monitor indicated that it appeared at unusual levels.
A further drill-down into the issue showed that other suspicious processes were installed as well. As a result, many other Mac users started investigating their devices and found them to be infected too.
The drill-down revealed three main components of the malware: the dropper, the launcher, and the miner.
#Dropper – The program which downloads the malware. Here it arrived in the form of an Adobe Flash Player install file.
#Launcher – Its function is to install and launch the malware. The launcher file called ‘pplauncher’ was kept active by a launch daemon.
#Miner – As mentioned above, the miner is “mshelper”, which is based on XMRig, an open source Monero miner that is readily available for install on Macs.
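As an added example (not code from the researchers or from any vendor), the following Python sketch checks launch daemon definitions for the two names given above. The article does not list file paths, so the script assumes the standard macOS directory /Library/LaunchDaemons and a simple substring match on each job's label and command line.

```python
import plistlib
from pathlib import Path

# Names come from the article; the directory is the standard macOS location.
SUSPECT_NAMES = ("pplauncher", "mshelper")
DAEMON_DIR = Path("/Library/LaunchDaemons")


def daemon_command(job):
    """Return the command line a launchd job runs, as a list of strings."""
    args = job.get("ProgramArguments") or []
    cmd = [str(a) for a in ([args] if isinstance(args, str) else args)]
    program = job.get("Program")
    if program and (not cmd or cmd[0] != program):
        cmd.insert(0, str(program))
    return cmd


def scan_launch_daemons(directory=DAEMON_DIR, names=SUSPECT_NAMES):
    """Find launchd jobs whose label or command mentions a suspect name."""
    findings = []
    for path in sorted(Path(directory).glob("*.plist")):
        try:
            with open(path, "rb") as fh:
                job = plistlib.load(fh)  # handles XML and binary plists
        except Exception:
            # An unreadable or malformed plist is reported, not skipped.
            findings.append({"plist": str(path), "match": None, "error": True})
            continue
        if not isinstance(job, dict):
            continue
        cmd = daemon_command(job)
        haystack = " ".join([str(job.get("Label", ""))] + cmd).lower()
        hit = next((n for n in names if n in haystack), None)
        if hit:
            findings.append({
                "plist": str(path),
                "match": hit,
                "command": cmd,
                # KeepAlive / RunAtLoad make launchd start or restart the job.
                "persistent": bool(job.get("KeepAlive")) or bool(job.get("RunAtLoad")),
                "error": False,
            })
    return findings


if __name__ == "__main__":
    for finding in scan_launch_daemons():
        print(finding)
```

A hit with `persistent` set explains why killing the miner alone does not help: the daemon definition has to be unloaded and removed as well.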
The malware is vexatious but not complex, and can be quickly eliminated. In recent years, the number of Mac cryptominer attacks has been increasing. Many users optimistically assume that the trend is confined to Windows PCs; however, Mac crypto mining malware attacks have been steadily increasing in recent times.
To better address these issues, you need a robust malware removal program that offers all-around protection. Comodo Antivirus for Mac is one such solution that can quickly identify and eliminate malicious software without modifying the end-user experience. Comodo Antivirus for Mac enables only known good files to run on a device with unlimited access, enabling users to run anything on their computer without fear of infection. Try Comodo Antivirus today!
If you think your Mac is infected with this malware, Comodo Antivirus for Mac will remove it. Visit our official page to download the free version!