
OSX.DarthMiner

Posted: April 14, 2020

OSX.DarthMiner is a backdoor and cryptocurrency-mining Trojan. It may use your system's resources for creating Bitcoins, Monero, or similar cryptocurrencies, as well as letting a threat actor control your PC over a network connection. Most anti-malware tools should delete OSX.DarthMiner, which should be done expediently to limit hardware damage from its mining operations.

Out of Two Trojans Comes an Even Worse One

Recycling isn't only something that law-abiding citizens do; it is also a factor in efficient hackers' operations. XMRig, a cryptocurrency-mining program, is one showcase of how software can shift from benign to unsafe purposes depending on how it gets installed. OSX.DarthMiner combines it with another threat of yore, the Empyre backdoor Trojan, for more than one way of making money.

OSX.DarthMiner runs in Apple's OS X environments (desktops and laptops from version 10.8 up to 10.11), unlike most cryptocurrency-mining Trojans, such as the Windows-favoring CrazyCoin or the IoT-targeting Stantinko Botnet. It consists of two 'freeware' halves that the author remodeled to work together:

  • The Empyre backdoor Trojan gives attackers control over the system through encrypted network communications. It also has modular support for attacks like keylogging, but its focus is on making system changes on command, such as altering settings and modifying files.
  • OSX.DarthMiner also uses the widely circulated XMRig, which mines cryptocurrency (generating it through blockchain activity that consumes the system's CPU or other hardware), in this case Monero. The use of Monero instead of Bitcoin makes it easier to keep the activity lightweight, with little evidence or system disruption that would alarm a user at the keyboard.

Although this specific combination isn't prevalent, XMRig is incredibly prominent among similar threat actors' campaigns that make money by hijacking systems for mining. Malware researchers point to the OS X compatibility as the most atypical feature in OSX.DarthMiner's case.

From a Pretense into a Problem

'Free' software, besides making up most of OSX.DarthMiner's internals, is also responsible for its circulation in the wild. Victims of OSX.DarthMiner infections compromise their PCs by launching fake activation software or cracks related to Adobe products. Malware researchers confirm that OSX.DarthMiner hijacks the names of real (if still illicit) activators, like Adobe Zii. The threat actor could also craft spoofed host websites to support this tactic.

Cryptocurrency mining, when conducted safely, doesn't harm the user's PC performance or the health of the associated hardware. Unfortunately, threat actors deploying such programs may run them with unsafe and excessively demanding settings. Although it's uncommon in XMRig infections, it's possible that OSX.DarthMiner may cause overheating or hardware failure, as well as general performance problems such as unresponsiveness.

Software piracy is a pastime fraught with risks, many of which are Trojans like OSX.DarthMiner or Russia's WANNACASH NCOV Ransomware. Whether the problem ends up being harnessed CPU resources or locked data, it's one that's always avoidable by users acting lawfully.