A new malware for Mac computers that is easily removable and unsophisticated was uncovered earlier this week. The malware is used in mining the Monero (XMR) virtual currency and it has various components including a dropper, a launcher, and a miner. Security researchers have discovered that the dropper has root privileges and this is what ensures that the launch demon keeps the launcher running after installation.
Security experts say the malware is relatively benign, except in situations where the computer has dust-clogged vents or damaged fans leading to overheating when the mining is taking place. This comes at a time when there has been a growth spurt in crypto-mining malware for Macs. Other crypto-mining malwares that target Macs include CreativeUpdate, CpuMeaner, and Pwnet.
While the new crypto-mining malware for Mac computers is considered a low to moderate security threat, a new malware focusing on mining Monero in personal computers running on Microsoft Windows operating system is much more malicious. The malware known as WinstarNssmMiner ends up crashing computers whenever there is an attempt to remove it using antivirus software. It is estimated that so far the malware has found its way into 500,000 computers in just three days.
Once the malware is installed and begins running two processes start – one to mine the Monero virtual currency and another to look out for antivirus protection. The malware is also capable of tampering with critical processes of the operating system and thus crashing it at will. There are four mining pools which have been associated with the WinstarNssmMiner malware. It is estimated that those behind the malware have managed to mine upwards of133 XMRs worth over $20,000. WinstarNssmMiner is based on the open-source virtual currency mining project known as XMRig. This open-source virtual currency mining project has also been linked to other mining malwares including Waterminer and RubyMiner.
Comments (No)