Apple devotees frequently claim that the company’s products are impervious to malware and viruses, yet this couldn’t be further from reality.
Apple Insider reported on February 23 that a new evasive crypto-jacking malware strain has been found on macOS. The dangerous malware appears to be distributed via unlicensed copies of the video editing program Final Cut Pro.
The malware was initially found by Jamf Threat Labs, a cybersecurity company focused on the Apple ecosystem, which has been tracking newly resurfaced versions of the malware over the previous few months. In 2018, a similar crypto-jacking malware infection affected Apple’s operating system.
Copies of the $300 video editing program from Apple were found to be running the XMRig command-line mining tool in the background. Moreover, the malware was present in illegally obtained versions of Apple’s Logic Pro and Adobe Photoshop.
Once activated, the software uses the infected computers to covertly mine cryptocurrencies.
It is also designed to avoid being discovered. Users can view the processes running on their Macs by opening the “Activity Monitor.” When this tool is opened, the malware stops operating in order to evade discovery.
XMRig uses the Invisible Internet Project (I2P) communications protocol to communicate, according to a report by Jamf explaining the threat. This also allows it to send the mined currency to the attacker’s wallet. The report states: “Adware has traditionally been the most common type of macOS malware, but crypto-jacking, a stealthy and large-scale crypto-mining scheme, is becoming increasingly prevalent.”
Additionally, in order to enable the pirated application to run, the malware tries to trick Mac users into disabling Apple’s Gatekeeper security entirely.
However, the company’s most recent operating system, macOS Ventura, is unable to stop the crypto miner from running. According to Apple Insider, “Users might not be able to rely on their antimalware software to identify the infection – at least for the time being.”
Researchers located the account that distributed the pirated software on the peer-to-peer file-sharing website Pirate Bay. The applications shared by that specific user almost always contained malware used for cryptocurrency mining.
Jamf also found that security vendors on the malware-detection website VirusTotal did not flag the malware as malicious. According to reporting sites, the world’s largest corporation will benefit from customers being told to refrain from downloading illegal copies of Apple software.