As computing resources are mostly occupied by cryptojacking elsewhere, hackers are finding new and unexplored ways to infect computers that typically were left out of the radar.
Since XMRig can run on Macs, some hacker out there wrote malware for the operating system to make people who purchased Apple (NASDAQ:AAPL) products mine Monero.
The new malware variant was first discovered when a user on Apple’s product forum complained that a program called “mshelper” is using up all of his computing power. Despite using BitDefender to remove the software, it kept reappearing.
Soon after that, other users appeared complaining about the same issue, adding that a “CoinMiner” application was also using up their CPUs.
Malwarebytes picked up on the situation and later published its analysis of the software, revealing that it consists of three distinct parts: a “dropper,” a launcher, and a miner.
The “dropper” is the part that loads the malware on the computer. Any download from a dubious place on the internet can potentially contain this and it will immediately insert the launcher into the system.
The launcher itself is nothing more than a file called “pplauncher” that runs automatically and performs some tasks to prepare the computer for mining. This particular process was written with the Golang programming language, which is tailor-made for machines running Mac OS.
We can see within the code that “pplauncher” tidies up the directory where the miner would be inserted into, then it extracts and launches it.
“Using Golang introduces significant overhead, resulting in a binary file containing more than 23,000 functions. Using this for what appears to be simple functionality is probably a sign that the person who created it is not particularly familiar with Macs,” Malwarebytes added.
Rather than using the old “tried and true” method of installing ransomware on victims’ computers, hackers are resorting more and more to these cryptojacking ventures due to their profitability.
A recent report by Malwarebytes revealed that cryptojacking has surpassed ransomware in popularity, with the latter dropping 35% in popularity while the former increased 27% among businesses.
Indeed, cryptojacking has become so pervasive that some news outlets have ceased reporting on them due to the utter redundancy.
This article appeared first on Cryptovest
