Get the lowdown on cryptojacking campaigns targeting Mac computers, the history of this phenomenon and the most massive outbreaks of such malware to date.

Any new technology that gains significant worldwide popularity is fated to be abused by threat actors in the long run. A major flip side of Bitcoin and other cryptocurrencies, with all their numerous benefits for users, circles around the immense efforts of cybercriminals to steal coins or otherwise get hold of virtual funds whose value is constantly soaring. Unfortunately, black hats have had some tangible success doing it.

It is common knowledge that new units of cryptocurrency come into existence via a routine called mining. It designates a process where computation power is leveraged to perform complex mathematical calculations for verifying the validity of transactions on the blockchain, a decentralized cryptocurrency ledger keeping record of all fund transfers. Normally, people who are up to the mining business invest in costly equipment with high data processing capacity and join the worldwide coin rush. This type of activity is legit, and it’s gearing up for a rise.

As always, online perpetrators go the easy route. They have come up – and keep coming up – with methods to harness other people’s CPU and GPU for coin mining. This phenomenon is referred to as cryptojacking. The target users are meanwhile unaware of this exploitation going on behind their backs. In order to pull off attacks of this sort, the adversaries leverage malicious code. Having taken root on a host, the malware will configure the system to dedicate most or all of its processing power to the mining job.

Mac computers have been conventionally considered safer than Windows in terms of combatting harmful code. When it comes to cryptojacking, though, machines running macOS are pretty much the same low-hanging fruit as their Windows counterparts. Here’s some outright evidence of this disconcerting resemblance: the second most common Mac malware strain is a stealthy cryptocurrency mining application.

DevilRobber, an oldie that keeps evolving

The newsmaking cyber culprit called DevilRobber is also known to the security community under other aliases, including OSX.Coinbitminer and Miner-D. It gained notoriety for being one of the most prolific samples of Mac malware to date, having been discovered in October 2011 and still boasting active circulation. The issue was so big and serious back then that Apple had to release ad-hoc security updates to address this outbreak. The infection featured a robust, well-thought-out architecture from the get-go and was a unique combo of several different threat categories. It had characteristics of a Trojan as it spread via booby-trapped BitTorrent trackers. Its backdoor facet consisted in the ability to communicate with the Command & Control server. The data stealing hallmarks revolved round the fact that it could pilfer victims’ personal data and Bitcoin, with subsequent exfiltration of the sensitive information to the crooks-maintained C2.

Having taken its niche on the Mac malware landscape, this pest hadn’t shown any significant spikes until 2017. According to malware analysts’ findings, the number of DevilRobber detections skyrocketed to 21.6% in June 2017 versus 2.4% in May. This leap forward made it the second most widespread Mac infection, with the first position occupied by the infamous DNS changer dubbed RSPlug. The likely reason why the numbers increased nearly tenfold in only a month was that the price of Bitcoin and other major cryptocurrencies started to soar, so surreptitious mining quickly became a much more profitable activity. Furthermore, mining altcoins such as Monero and Ethereum shaped up to be a trend outperforming Bitcoin-borne environment in this context. While keeping the original source code, the malefactors behind DevilRobber made some tweaks to the infection before it went viral last June. Its mining potential now covers a broader range of cryptocurrencies. It still tends to enter Mac computers alongside legitimate applications, sticking to a bundling-based modus operandi.