
CreativeUpdate

Posted: April 14, 2020

CreativeUpdate is the name of a harmful campaign that exclusively targets OSX users with modified installers of legitimate applications. The installers were distributed through 3rd-party websites that are considered trustworthy, but it appears that their security was compromised by a threat actor who uploaded corrupted installers of popular applications like Firefox, Deeper and OnyX. While this campaign is relatively old, it is possible that CreativeUpdate may resurface by using other means of distribution. Users affected by this campaign had a cryptocurrency mining utility installed on their computers. It is unlikely that the victims noticed anything out of the ordinary, since the fake installers also delivered a legitimate copy of the program the user was trying to download.

Once the CreativeUpdate miner is active, it uses the system's CPU resources to mine Monero, a popular cryptocurrency. The mining operation requires a lot of hardware resources, so many systems might end up performing poorly, and their users might have trouble running heavy applications and games.

The CreativeUpdate Miner was Spread via a Clever Supply-Chain Attack

The supply-chain attack responsible for the CreativeUpdate infections is very threatening because the attackers could have opted to use it to spread other threats, such as a backdoor or Remote Access Trojan. Thankfully, the cryptocurrency miner related to the CreativeUpdate campaign is not a threat to your online safety, but its removal is still strongly recommended due to the negative impact it can have on your system's performance and stability.

The best way to get rid of Trojanized cryptocurrency miners is to use a trustworthy anti-malware software suite.
