Author Topic: Credibility Threat: Monero Mining Malware Attacks Macs  (Read 1533 times)

Goodcat49
Credibility Threat: Monero Mining Malware Attacks Macs
« on: May 28, 2018, 10:51:39 PM »
A lot of Mac users have reported in the last few weeks that a process dubbed ‘mshelper’ was consuming a lot of CPU power, spinning fans a little too fast and totally draining their batteries within a very short time. It turned out that the process is associated with a type of malware created to mine the Monero (XMR) cryptocurrency.

According to the reports from the affected users, anti-malware products at first either didn’t discover the threat at all or they couldn’t totally remove the infected materials.

Several experienced researchers at Malwarebytes have ascertained that the mshelper software was designed to operate in a malicious manner, but they haven’t been able to ascertain exactly how it’s distributed, though they strongly believe that malicious documents, fake Flash Player installers or pirated software are the root cause of this problem rather than other, more complex methods.

Cyber experts recognized that the launcher, a file uniquely identified as pplauncher, is left active by a launch daemon (com.pplauncher.plist) insinuating that the dropper likely had root privileges on the compromised setup. The designed launcher was created in Golang and it has a size of 3.5 megabits.

“Using Golang introduces significant overhead, resulting in a binary file containing more than 23,000 functions. Using this for what appears to be simple functionality is probably a sign that the person who created it is not particularly familiar with Macs,” said Malwarebytes’ Thomas Reed.

The compromised device begins mining the Monero cryptocurrency for the criminals who technically apportion the malware as soon as the launcher creates the mshelper process. The miner itself is an open-source, authentic mining tool called XMRig.

Thomas emphasised that this malware is not certainly dangerous, apart from a Mac having a problem like damaged fans or dust-clogged vents that could result in overheating. He went on to say that even though the mshelper process is actually an authentic piece of software being abused, it has to be removed along with the rest of the malware.

Since the malware news has started spreading like a bush fire, security companies have started upgrading and updating their products such that they can completely remove the malware.

Users have also tried different methods, including removing the malware manually by deleting the two infected files (/Library/LaunchDaemons/com.pplauncher.plist and /Library/Application Support/pplauncher/pplauncher) and rebooting their devices.

Thomas wrote:

“Mac crypto mining malware has been on the rise recently, just as in the Windows world. This malware follows other crypto miners for MacOS, such as Pwnet, CpuMeaner and CreativeUpdate. I’d rather be infected with a crypto miner than some other kind of malware but that doesn’t make it a good thing.”

This is not the first reported incident related to cryptocurrency mining delivered to Mac users. Malwarebytes reported in February this year that a Monero miner was delivered via malicious versions of applications available via the MacUpdate website.

Read the details in the article of Coinidol dot com, the world blockchain news outlet: https://coinidol.com/credibility-threat-monero-mining-malware-attacks-macs/
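
A check for the two files and the process names mentioned in the post above, as an added example that is not part of the original post or of any vendor's tooling. The paths and process names come from the post; the function names and the optional root argument (for inspecting a mounted backup or disk image) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report the artifacts named in the post. Detection only, nothing is deleted.
# Function names and the root argument are illustrative, not from any product.

PLIST_REL='Library/LaunchDaemons/com.pplauncher.plist'
BIN_REL='Library/Application Support/pplauncher/pplauncher'

# Print each named file that exists under the given root
# ("/" for the live system, or a mount point for an offline volume).
find_artifacts() {
    root=${1%/}
    for rel in "$PLIST_REL" "$BIN_REL"; do
        if [ -e "$root/$rel" ]; then
            printf '%s\n' "$root/$rel"
        fi
    done
}

# Read "PID COMMAND" lines (the output format of `ps -axo pid=,comm=`) on stdin
# and print those whose executable basename is exactly mshelper or pplauncher.
# The command path may contain spaces, so everything after the PID is kept.
match_procs() {
    while read -r pid comm; do
        case "${comm##*/}" in
            mshelper|pplauncher) printf '%s %s\n' "$pid" "$comm" ;;
        esac
    done
}

# Combine both checks. Returns 0 when nothing is found, 1 otherwise.
# The process check always describes the running system, not an offline volume.
scan() {
    files=$(find_artifacts "${1:-/}")
    procs=$(ps -axo pid=,comm= 2>/dev/null | match_procs)
    if [ -z "$files" ] && [ -z "$procs" ]; then
        echo "no pplauncher/mshelper artifacts found"
        return 0
    fi
    if [ -n "$files" ]; then printf '%s\n' "$files" | sed 's/^/file: /'; fi
    if [ -n "$procs" ]; then printf '%s\n' "$procs" | sed 's/^/process: /'; fi
    return 1
}

# Runs only when a root is given on the command line, e.g.: sh check.sh /
if [ "$#" -gt 0 ]; then scan "$1"; fi
```

Matching on the exact basename keeps unrelated processes whose names merely contain "mshelper" out of the report.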

