"Largely Undetected Malware Family Targets Pirated macOS Applications"
Jamf security researchers have detailed a family of malware that infects pirated macOS applications and mines cryptocurrency. The malware uses XMRig, an open-source command-line cryptocurrency mining tool. Researchers first discovered XMRig in a pirated copy of Apple's Final Cut Pro video editing software. At the time of discovery, no security vendors on VirusTotal, a free service that analyzes files and URLs for viruses, worms, trojans, and other forms of hostile content, detected the sample as malicious. Later, it was reported that some vendors had detected the malware in January. However, some of the maliciously altered apps remain unidentified. A malicious version of Final Cut Pro is not very alarming on its own, but the researchers discovered that the malware was using the Invisible Internet Project (I2P) for communication. I2P is a private network layer that anonymizes traffic, which makes it a less conspicuous alternative to Tor. In their search for more examples of malware using I2P, the researchers identified a reference to a similar example reported by Trend Micro in early February, a pirated version of Adobe Photoshop for Mac. Both malicious versions of Final Cut Pro and Photoshop were traced back to the same individual with a lengthy history of sharing pirated software. This article continues to discuss the malware family that infects pirated macOS applications to mine cryptocurrency.
SiliconANGLE reports "Largely Undetected Malware Family Targets Pirated macOS Applications"