Published on June 22nd, 2019
Bird Miner Mac malware uses pirated software to spread itself
If you download pirated content from torrent platforms, you can be a victim of this Mac malware.
The malware was initially discovered as OSX.BirdMiner in a pirated installer for Ableton Live 10, software commonly used to create music. Researchers later detected it in other files, and Reddit users report that they have observed a similar type of Mac malware being distributed via the VST Crack website for the past four months, or maybe longer.
According to details shared by Malwarebytes on Thursday, the first thing Bird Miner does to stay hidden from the user is check for Activity Monitor. If this system tool isn't running and CPU usage is lower than 85%, the malware runs the open-source Qemu emulator, which loads and runs a wide range of OS image files including .img, .iso, or .dmg. In this case, Qemu loads custom versions of Tiny Core Linux from two .dmg images before launching the Xmrig cryptomining tool.
The files have random names and perform miscellaneous functions, including launching daemons. One of the daemons launches a shell script dubbed Crax, which is there to ensure that the malware stays undetected by security experts.
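A defender-side triage of the launch daemons described above, as an added example that is not code from Malwarebytes or from the original article: it parses launchd job definitions and flags those that start Qemu or reference a disk image, and marks shell-script jobs for manual review. The heuristics, job labels and file paths are assumptions constructed for the example, not published indicators.

```python
import plistlib
import re

# Heuristics taken from the behaviour the article describes (assumptions,
# not published indicators): a launchd job that starts QEMU or passes a
# disk image to a program. Shell-script jobs are only marked for review,
# because the script, not the plist, holds the real command line.
QEMU_RE = re.compile(r"qemu", re.IGNORECASE)
IMAGE_RE = re.compile(r"\.(dmg|img|iso)\b", re.IGNORECASE)
SHELLS = {"sh", "bash", "zsh"}


def assess_job(raw: bytes) -> tuple[str, list[str]]:
    """Classify one launchd plist as 'suspicious', 'review' or 'ok'."""
    try:
        job = plistlib.loads(raw)
        args = [str(a) for a in job.get("ProgramArguments", [])]
        if "Program" in job:
            args.insert(0, str(job["Program"]))
    except Exception:
        return "review", ["plist could not be parsed"]
    joined = " ".join(args)
    reasons = []
    if QEMU_RE.search(joined):
        reasons.append("starts a QEMU binary")
    if IMAGE_RE.search(joined):
        reasons.append("references a disk image")
    if reasons:
        return "suspicious", reasons
    if args and args[0].rsplit("/", 1)[-1] in SHELLS:
        return "review", ["runs a shell script: inspect " + " ".join(args[1:])]
    return "ok", []


def scan(jobs: dict[str, bytes]) -> dict[str, str]:
    """Map each plist file name to its verdict."""
    return {name: assess_job(raw)[0] for name, raw in jobs.items()}


# Constructed sample jobs; every label and path below is made up.
SAMPLES = {
    "com.kqzvbn.plist": plistlib.dumps({"Label": "com.kqzvbn", "ProgramArguments": [
        "/usr/local/bin/kqzvbn/qemu-system-x86_64", "-hda", "/Library/kqzvbn/disk.dmg"]}),
    "com.xkcwe.plist": plistlib.dumps({"Label": "com.xkcwe", "RunAtLoad": True,
        "ProgramArguments": ["/bin/sh", "/usr/local/bin/xkcwe.sh"]}),
    "org.cups.cupsd.plist": plistlib.dumps({"Label": "org.cups.cupsd",
        "ProgramArguments": ["/usr/sbin/cupsd", "-l"]}),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, *assess_job(raw))
```

On a real system the input would be the raw bytes of each file under /Library/LaunchDaemons and /Library/LaunchAgents; a "review" verdict means the referenced script still has to be read by hand.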
However, the very aspect that makes Bird Miner's functioning interesting, running inside Qemu, is also what makes it operationally inefficient. If the malware ran natively instead of being emulated, it would be far more profitable for its developers.
There is also a lesson for users of pirated software who regularly download software from torrent platforms. It is important to understand that the biggest disadvantage of using pirated software is making your computer vulnerable to all sorts of digital threats and privacy/security risks.
Cryptojacking has become quite common, and attackers can fairly easily infect PCs with malware that drains the CPU's resources. Cybercriminals usually bundle adware and cryptominers with cracked versions of original software on piracy websites to make some quick bucks. Hence, users are advised to download software only from legitimate sources.