dcsimg

New Mac cryptominer Malwarebytes detects as Bird Miner runs by emulating Linux

A new Mac cryptocurrency miner Malwarebytes detects as Bird Miner has been found in a cracked installer for the high-end music production software Ableton Live. The software is used as an instrument for live performances by DJs, as well as a tool for composing, recording, mixing, and mastering. And while cryptomining is not new on Mac, this one has a unique twist: It runs via Linux … [Read more...]

A week in security (April 22 – 28)

Last week on Labs, we looked at security threats to headphones, privacy options in the world of law, and wandered through the FBI’s 2018 IC3 online crime report. We also explored another MageCart attack, and we released our 2019 Q1 Crime Tactics and Techniques report. Other cybersecurity news Fooling automated surveillance cameras: Bypassing neural network frameworks with colourful abstract … [Read more...]

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

This blog post was authored by @hasherezade and Jérôme Segura. We recently detected a drive-by a download attempt trying to exploit CVE-2018-4878, a vulnerability in Flash Player, in a sequence that was not matching any of the exploit kit patterns that we currently track. Upon investigation, we discovered something that was new to us, but is part of an existing exploitation framework discovered in … [Read more...]

New Mac cryptominer uses XMRig

A new Mac cryptominer was discovered this week, after affected users saw their fans whirring out of control and a process named “mshelper” gobbling up CPU time like Cookie Monster. Fortunately, this malware is not very sophisticated and is easy to remove. The malware became public knowledge in a post on Apple’s discussion forums, where the “mshelper” process was found … [Read more...]

New Mac cryptominer distributed via a MacUpdate hack

Early this morning, security researcher Arnaud Abbati of SentinelOne tweeted about new Mac malware being distributed via MacUpdate. This malware, which Abbati has named OSX.CreativeUpdate, is a new cryptocurrency miner, designed to sit in the background and use your computer’s CPU to mine the Monero currency. The malware was spread via hack of the MacUpdate site, which was distributing … [Read more...]