
Topic: Hidden miner attacked macOS for over five years (Read 123 times)

legendary
Activity: 1932
Merit: 2354
The Alliance Of Bitcointalk Translators - ENG>SPA
January 26, 2021, 11:29:19 AM
#2
Damn, this has stayed undetected for almost 6 years?

Thanks for the warning. Any advice for macOS users on how to detect this OSAMiner infection? Or are the most popular antivirus products now supposed to detect it, and is that enough?

I'm not in China nor in the Asia-Pacific but this kind of news is always scary.
legendary
Activity: 2618
Merit: 1504
macOS-based computers have long been used by scammers for hidden cryptocurrency mining. For five years, OSAMiner managed to evade detection, cybersecurity experts at SentinelOne said.



Malicious software appeared on the network no later than 2015. It was distributed through pirated games and other programs, including League of Legends and Microsoft Office for Mac.
OSAMiner primarily targets China and the Asia-Pacific region, according to researchers.

The specialists faced serious problems in obtaining the complete code of the malicious program; according to their statement, the final run-only script was loaded already in compiled form. This code is not human-readable, which makes it difficult to analyze its safety.

"However, with the help of a little-known applescript-disassembler project and a decompiler tool we developed here at SentinelLabs, we have been able to reverse these samples and can now reveal for the first time their internal logic along with further IoCs used in the campaign".