A new report has claimed malware threats look to be on the rise on the macOS platform.
Cybersecurity researchers from Elastic Security Labs recently published findings which noted that of all the different types of malware that crooks could use to target Mac devices, cryptominers stand out as the most popular one.
The company’s report found Trojans are the most popular malware in the world, with a 75% global market share. Cryptominers and ransomware have rounded off the top three. The majority of these distributions – 54% – have targeted Linux devices. Windows endpoints are second with a 39% market share. That leaves Macs with roughly 6%.
XMRig remains king of cryptominers
While somewhat trivial compared to Windows and Linux, macOS threats are rising. Most notably cryptominers, Elastic says: “It should be noted that the distribution and victimology of macOS cryptominers could become increasingly popular and developers leverage MacOS and JavaScript for work-related tasks,” the report says. “Since Node Package Manager (NPM) is a common package manager for JavaScript, cryptominers could be distributed in malicious packages to macOS endpoints.”
The most popular cryptominer, by far, is XMRig. It’s a known miner that’s used across platforms, and perhaps more interestingly – used both for legitimate and malicious purposes. That makes determining when it’s used maliciously notoriously difficult. That being said, XMRig is found in 40% of all cryptomining instances on macOS devices, Elastic has found.
Cryptominers are small executable files that use the device’s computing power to mine cryptocurrency, and then send it to the designated wallet address. Threat actors often target servers and other endpoints with remote code execution and distribute XMRig because mining cryptocurrency renders the device useless for anything else, and rakes up a hefty electricity bill.
Most of the time, cybercriminals would mine Monero (XMR), a privacy-oriented cryptocurrency that’s very hard to trace.
Via: 9To5Mac (opens in new tab)
