The security experts from Malwarebytes Corporation has found new malware for mining Monero at MAC PC.
According to the news reports, the Apple forums were the first place where the MAC malware was mentioned. Specifically, the users blamed “mshelper” process. At the same time, after the examination, Malwarebytes found that the devices are infected by two more processes at once.
After careful study, the cybersecurity team determined that the malware consists of three parts: dropper, launcher, and miner. In particular, the dropper is used to install the Monero miner, while launcher and miner are based on open-source XMRig miner for Monero. These processes can capture a significant part of PC capacity.
"Often, Mac malware is installed by things like fake Adobe Flash Player installers, downloads from piracy sites, decoy documents users are tricked into opening, and other such things," commented experts.
Notably, the installer comes with a program – pplauncher based on Golang language.
“this malware is not particularly dangerous unless your Mac has a problem like damaged fans or dust-clogged vents that could cause overheating. Although the mshelper process is actually a legitimate piece of software being abused, it should still be removed along with the rest of the malware,” stated CEO of MAC and Mobile Devices department in Malwarebytes Corporation.