Cryptojacking is essentially device hijacking, where a threat actor installs a miner and sends all of the generated tokens to an address they own. It’s called hijacking because when a miner is running, it usually takes up all of the device’s computing power, rendering it useless for pretty much anything else.
Hiding from antiviruses
Deeper analysis by Jamf determined that it was a pirated version of Final Cut Pro, modified to run XMRig in the background.
While XMRig is usually picked up by antivirus programs, this variant somehow remained under the radar. At the time of their report, the researchers said, VirusTotal was still not recognizing the pirated Final Cut Pro version as malicious.
The program was being distributed through Pirate Bay, the researchers added, as Pirate Bay is one of the world’s most popular torrent sites, and the user that uploaded it is a “well-known uploader”.
Commenting on the discovery, Apple told 9To5Mac: “We continue to update XProtect to block this malware, including the specific variants cited in JAMF’s research. Additionally, this malware family does not bypass Gatekeeper protections. The Mac App Store provides the safest place to get software for the Mac. For software downloaded outside the Mac App Store, Apple uses industry-leading technical mechanisms, such as the Apple notary service and XProtect, to protect users by detecting malware and blocking it so it can’t run.”
As usual, the best way to protect against these threats is to only download legal software, from legitimate sources. Torrents, cracks and keygens, and other illegal software found online are filled with viruses and malware. To keep the endpoints protected, one can also install an antivirus program, a firewall, and set up multi-factor authentication whenever possible.
- Here are the best endpoint protection software today
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.