The company’s specialists Malwarebytes develops anti-virus software has detected a new malicious application, created on the basis XMRig that infects Apple computers, forcing them to mine Monero. They found that hidden mining using significant capacity on the computers CPU starts the process mshelper.
After studying the discussion on the work mshelper Internet forums devoted to Apple technology, staff from Malwarebytes have revealed several suspicious processes associated with the malicious application: it consists of a carrier of the virus (dropper), it installer and miner. To determine the dropper until it failed, and under suspicion got the fake version of Adobe Flash Player and other software. However, we know that it launches the file pplauncher laying down on a computer miner.
The researchers decided that the whole process does not harm the equipment and can be easily removed. However, they noted the increase in the number of cryptainer created specifically for the macOS.
We will remind, two weeks ago, researchers from Incapsula, the company found that cryptogamie began to use the latest version of the malware Kitty for mining Monero on sites running on Drupal CMS. And earlier for covert mining Monero the attack was carried out on the servers running Linux.