If you have a good reason to believe, and are able to demonstrate, that a file was mistakenly classified, please complete the following form and provide the file details.
If you believe an application, file or URL you encountered is malicious, tell us about it.
Authors: AiroAV - Security Labs
Whether or not you are planning to invest in cryptocurrency, you still must be aware of some of the abusive behaviors this trend comes with. Today, more and more malicious crypto miners may be using your Mac, just to mine their own (cryptocurrency) business. Is your Mac experiencing a massive slow down lately, without any visible reason? This article is for you.
It seems like lately cryptocurrency has become the main topic in every conversation, and we all know people that just put their money and resources into it.
However, even if you’re not planning to invest in cryptocurrency anytime soon, you still must be aware of the abusive traits and vulnerabilities this trend brings, such as malicious crypto mining.
Cryptocurrency is digital money secured by cryptography that enables anonymous transactions. And by ‘digital’ we mean, no physical representation like those familiar bills and coins. In fact, each digital currency is identified by a serial number, which is used as a key. Unlike the physical money we know and love, cryptocurrency is not fully centralized and regulated by governmental and financial institutes. Cryptocurrency is a decentralized currency. Meaning there is no central supervising authority.
Now, this may sound like complete anarchy, but keep reading because it’s actually quite the opposite. Instead of being regulated by banks, all of the transactions and trading are recorded in a public digital ledger called a blockchain. A math-based technology in which every verified process is added as a block. And once added, nothing can change the records.
Now that you’ve made yourself a bit more familiar with the basics of cryptocurrency, let’s see how crypto mining might harm your Mac performance.
Crypto Mining refers to two main actions: issuing new currency and adding records to the blockchain. Both these activities are done by solving a rather complex mathematical algorithm and require powerful hardware that is able to run code on machines for days and even weeks. People all over the world work effortlessly to solve this mathematical algorithm and add more blocks to the blockchain. Why do they spend time and resources on this sacred goal? Well, whoever solves a block and helps record a transaction, is rewarded with 12.5 Bitcoins, worth $40,125 as of today! The equation is simple, the more CPU resources you have, the higher chances to find the solution and win rewards.
This is the part you should be worried about. Unfortunately some miners, or let’s call them evil hackers, found ways to invade other people’s computers and abuse their resources by running silent an invisible processes in the background.
So in case you’ve noticed a sudden Mac slow down lately, there might be a possibility that someone has hacked your computer and uses it for crypto mining without your consent.
Now, that’s annoying for many reasons. First, someone invading your precious Mac gains access to your most important photos, documents, accounts, and potentially even passwords. Second, all this is done without your knowledge or approval. Disturbing and creepy, no doubt. But the biggest problem is that the running massive codes required for crypto mining, use your CPU and GPU (stands for Central Processing Unit (AKA processor), and Graphic Processing unit) resources and capacities to do so. Leaving you with an extremely slow machine. With all these crypto-mining processes running in the background, even the tiniest action like a web search or an app launch can jam your whole system. And if that’s not driving you crazy, think about the fact that by stealing YOUR resources, this hacker is earning a decent amount of Bitcoin. Now, that’s just a plain robbery.
One of the most popular cryptocurrency mining among cybercriminals is Monero. As of last year, we, at Airo noticed a sudden rise in Monero mining along with a dramatic increase in cyber crypto attacks. Unlike Bitcoin which can be traced by anyone all the way back to its creation, Monero exchange history is not recorded anywhere. Due to its untraceable system, it allows the traders to use it privately, including for illegal purposes, without marking the coin as involved in fishy activities.
Add to this that creating a Monero coin requires no more than a standard CPU capacity. Together, these qualities make Monero mining easy and somewhat attractive for hackers.
One way to track the processes that run in the background of your system is by using the Mac Activity Monitor. You can easily find it with Apple’s Spotlight tool. The problem is that it’s not that easy to identify malicious processes. Since in most cases, these will not be called “A Malicious Crypto Mining Process”. Most often they have a non-indicative name, and in some cases pretend to be a legit system file or process, making them difficult to locate. However, any unfamiliar task that utilizes high CPU capacities should ring your alarm.
Sometimes the harmful code isn’t located on the machine, but running via your browser. If the Mac Activity Monitor shows that your Chrome uses around %90-%100 of your CPU capacity, it may indicate that one of the websites you’re browsing is injecting malicious mining code. Chrome has a Task Manager that shows the CPU usage of any open tab. You can find it by clicking Window > Task Manager.
It’s possible to end these suspicious processes by yourself, but nothing guarantees they will not come back sooner or later under the same name or another sneaky name.
Our suggestion is to scan your Mac with automatic tools such as Airo antivirus (AiroAV) with an up to date database containing information about the newest malicious mining processes. It will assist you in identifying and blocking the source of the infection and will warn you each time you try to install a software that might expose your Mac to a malicious cryptocurrency miner.
To summarize, even if cryptocurrency is not your cup of tea, you still must be aware of the risks it brings. Malicious cryptocurrency mining is just one way of how your Mac performance can be affected by someone abusing your resources to make money. Being aware of this threat and using the right tools can help you protect your Mac and prevent a huge discomfort.
Try Airo AV and Airo Web Protection