Macs Do Get Malware And This Nasty Cryptomining Payload Has Been In Hiding For 5 Years

Apple products were once praised as the most secure ecosystem, whether by design of Apple's walled garden, excellent marketing tactics, or otherwise. However, in mid-2020, Apple accidentally approved widespread Mac malware, breaking this perception for many people. Now, another Mac-exclusive malware has been uncovered in Asia, silently mining Monero in the background of macOS users' devices. The malware, dubbed macOS.OSAMiner, has likely been floating around since at least 2015, packaged with cracked games and software like League of Legends and Microsoft Office.

In 2018, SentinelLabs, a cybersecurity firm, caught wind of Chinese forum reports talking about a Monero mining trojan infecting macOS users. As with any mining malware, “Symptoms included higher than usual CPU, system freeze and problems trying to open the system Activity Monitor.app.” At that time, the investigation concluded that the malware had been circulating since 2015, but not much else could be gleaned from it, as it was written as run-only AppleScripts, which caused issues for analysis and detection. Effectively, the investigation ended due to this roadblock.

More recently, it was found that the malware authors continued to “develop and evolve their techniques.” Newer versions of macOS.OSAMiner embedded one AppleScript within another, making everything more complex. However, the researchers could reverse engineer the AppleScripts using a “little-known applescript-disassembler project and a decompiler tool” made by the team. Ultimately, the entire malware system and related processes were unveiled and shown to the world in a recent report.

As SentinelLabs states, “Run-only AppleScripts are surprisingly rare,” yet they are incredibly powerful and highly elusive. A case in point is the macOS.OSAMiner campaign, which took at least five years to crack open. Hopefully, analysts can use the research done in this campaign to help prevent future malware built on run-only AppleScripts.

Moreover, macOS users need to be keenly aware that they, too, are vulnerable, as malware can reach out and touch virtually any user on any platform.

