Researchers have discovered creepy new malware for macOS

Researchers have discovered new macOS malware hidden in pirated versions of Final Cut Pro. Cryptocurrency mining malware is becoming more and more sophisticated.

A new generation of malware is targeting macOS users. Before you rush to install a system update, which you should be doing regularly anyway, it's worth noting that this malware ships inside pirated versions of Final Cut Pro. In other words, if you do not use a copy obtained this way, you have nothing to fear.

How researchers discovered this macOS malware

The threat was discovered by Jamf Threat Labs. The company says that during a routine security check it discovered a cryptocurrency mining tool running in the background whenever a pirated version of Final Cut Pro was running. “Further investigation revealed that this version of Final Cut Pro contained an unauthorized modification by Apple that ran XMRig in the background. At the time of our discovery, this algorithm has not been found to be malicious by any of the security providers on VirusTotal. Since 2023, malware has been discovered by a large number of publishers. However, many malicious applications are still not recognized by most publishers.”

The report also explains that as Apple hardware is constantly improving, the macOS platform is becoming more attractive to cryptocurrency mining malware. And of course, if you want to keep your system as clean as possible, stay away from torrent sites. Researchers have indeed found that all of the most popular versions of pirated Final Cut Pro files are infected with this malware.

Cryptocurrency mining malware is getting more sophisticated

Derivative versions of this malware are increasingly effective at evading detection by antivirus software. In other words, antivirus software is less and less able to eliminate the risks of using torrent sites. For example, the researchers noted that the malware embedded in Final Cut Pro constantly checks which processes are running. The reason is to avoid being seen in the Activity Monitor application: “If it finds Activity Monitor, it immediately closes all its processes. As a result, if the victim notices that their processor is loaded more than usual and opens the Activity Monitor to confirm their concerns, the malware stops working and hides until the next launch of the application.”
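The behaviour quoted above can itself be used as a detection signal: processes that repeatedly exit within seconds of Activity Monitor starting. The following is an added example, not code from Jamf's report or this article; the event format, process names and thresholds are constructed assumptions, and the events would come from whatever process start/exit telemetry is available on the endpoint.

```python
from collections import defaultdict

WINDOW = 5.0   # assumed: seconds after Activity Monitor starts in which an exit counts
MIN_HITS = 2   # assumed: separate Activity Monitor launches that must show the pattern

# Constructed sample telemetry: (timestamp_seconds, kind, process_name, parent_name).
# "ExampleEditor", "worker", "indexer" and "sync" are hypothetical names.
EVENTS = [
    (0.0,    "start", "ExampleEditor",    "launchd"),
    (2.0,    "start", "worker",           "ExampleEditor"),
    (300.0,  "start", "Activity Monitor", "launchd"),
    (301.2,  "exit",  "worker",           "ExampleEditor"),   # exits right after launch
    (302.0,  "exit",  "indexer",          "Notes"),           # one-off coincidence
    (900.0,  "exit",  "Activity Monitor", "launchd"),
    (1000.0, "exit",  "ExampleEditor",    "launchd"),
    (5000.0, "start", "ExampleEditor",    "launchd"),         # next launch of the app
    (5002.0, "start", "worker",           "ExampleEditor"),   # helper is back
    (5600.0, "start", "Activity Monitor", "launchd"),
    (5600.8, "exit",  "worker",           "ExampleEditor"),   # same pattern again
    (5700.0, "exit",  "sync",             "Mail"),            # outside the window
]

def suspicious_parents(events, window=WINDOW, min_hits=MIN_HITS):
    """Return parent apps whose children exited within `window` seconds of an
    Activity Monitor launch on at least `min_hits` distinct launches."""
    events = sorted(events)
    launches = [t for t, kind, name, _ in events
                if kind == "start" and name == "Activity Monitor"]
    hits = defaultdict(set)  # parent name -> indexes of launches followed by an exit
    for t, kind, name, parent in events:
        if kind != "exit" or name == "Activity Monitor":
            continue
        for i, launched_at in enumerate(launches):
            if 0 <= t - launched_at <= window:
                hits[parent].add(i)
    # A single coincidence is normal; repetition across launches is the signal.
    return sorted(p for p, seen in hits.items() if len(seen) >= min_hits)

if __name__ == "__main__":
    print(suspicious_parents(EVENTS))
```

Requiring the pattern on more than one launch keeps a single coincidental exit from raising an alert.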

Many users believe that Mac computers are not affected by malware. This is not entirely true. Malware is less prevalent on Macs partly because Apple is so focused on the security of its users, and partly because malware developers concentrate on PCs, since Windows machines are more common.
