The Threat Labs team at Jamf, which specializes in managing and securing Apple at work, has shared new findings around a largely undetected family of malware which infects pirated, often costly, macOS applications to secretly mine cryptocurrency.
Jamf says XMRig, the crypto-mining tool used in this stealthy, increasingly common, large-scale crypto-mining scheme, has some unique tactics. For example, it uses I2P (Invisible Internet Project), a less noticeable alternative to Tor, to communicate, download malicious components, and send mined currency to the attacker’s wallet.
Jamf says what’s also interesting is that this particular sample went undetected by all vendors on VirusTotal, even though the malware family had already been detected. You can read the entire report here.