Malware that infiltrates devices running Apple's Mac operating system is being distributed within the Apple ecosystem. This comes as a surprise to many, as Apple has for years bragged about its immunity to this type of attack.
According to a report by the cybersecurity firm Jamf Threat Labs, focused on the Apple ecosystem, malware that runs cryptojacking is spreading in pirated versions of Final Cut Pro. The video editor costs $300 on the market, and there’s no shortage of interest in obtaining it for free.
Cryptojacking is the remote hijacking of a device so that the attacker can mine cryptocurrency on the affected hardware without the victim noticing. The report indicates that the malware installs commands to run the XMRig mining software, which mines the Monero cryptocurrency, XMR. It also suggests that the malware is infecting computers via pirated versions of Adobe Photoshop, Logic Pro, and Apple's music sampler software.
One of XMRig's properties is its use of the Invisible Internet Project (I2P) communication protocol, which gives it and similar cryptojacking malware the ability to remain undetected. It also allows the attacker to receive the coins mined on the affected computer without being detected. It should be noted that XMRig and I2P are not software created for malicious purposes.
Another of this malware’s properties is to trick users of the affected Mac device into disabling Apple’s Gatekeeper protection. Furthermore, macOS Ventura, the company’s latest operating system, does not prevent the cryptominer from running.
According to the researchers, a single user of The Pirate Bay, a peer-to-peer file-sharing site, was responsible for distributing the pirated versions of the various applications that contained the malware. In response, Apple wrote to the site 9to5Mac, which publishes rumors and sneak peeks about the Apple ecosystem. The company stated that it is updating its OS to block the malware and, at the same time, denied the claim that the malware is able to bypass Gatekeeper.