MSHelper

‘mshelper’ is the name of a process, which has been the topic of discussion in the official Apple forums and other Internet boards for almost a year now. The reason for this is because many Mac users begin noticing this process in their list of running applications. However, this is not the issue – the problem is that the users with the ‘mshelper’ on their computers often noticed that this process was using most of their CPU’s resources, which means that their computers were running sluggishly, as well as its fans were usually spinning at maximum speed. This might reduce the lifespan of the processor and its fan, as well as become the reason for system instability and other performance-related issues.

At first, it was not clear what the purpose of ‘mshelper’ is, nor was it known how it is distributed. However, security researchers now suspect that the ‘mshelper’ might be part of a cleverly designed crypto jacking operation whose purpose is to utilize the resources of a computer to mine for cryptocurrencies like Monero. Mining Monero on a single computer is not very profitable, but the authors of the ‘mshelper’ crypto jacking malware may have managed to get thousands of computers to mine Monero for their wallets, therefore ensuring that this campaign will bring in profits.

There are two ways to check if the misbehaving ‘mshelper’ malware is on your computer – either run a full system scan using a suitable anti-virus program or check for the presence of the ‘mshelper’ in your list of running processes. The removal also can be completed with the use of a trustworthy anti-malware application or by identifying and deleting the following file and two folders – ‘com.pplauncher.plist,’ ‘pplauncer,’ ‘mshelper’ manually.