Trojanized macOS Apps Distribute Cryptojacking Malware


Recently, a hacker group used a pirated version of Final Cut Pro, Apple's video editing software, to deploy XMRig malware on macOS systems.

Many trojanized apps have been circulating in the wild for a long time; however, only a handful of security vendors are able to identify and flag them.

What’s happening?

According to Jamf Threat Labs researchers, malicious apps are being uploaded to Pirate Bay as torrents by a user with a years-long track record of uploading pirated macOS software torrents.

  • The latest apps contain an XMRig payload that uses the Invisible Internet Project (i2p), encoded with base64, to download malicious components and send mined cryptocurrency to the attacker’s wallet.
  • There have been dozens of uploads from 2019 and 2021 that were injected with a malicious payload to surreptitiously mine cryptocurrency.
