Mac malware on the rise again; several new threats found

Joshua Long for Intego:

Mac malware continues to increase in both quantity and variety. In addition to Intego’s discovery of new OSX/Linker Mac malware, active malware campaigns have been observed in June 2019, everything from a bizarre cryptocurrency miner to creepy backdoors that could allow an attacker to log your keystrokes, and more.

Let’s take a look at some of the Mac malware we’ve seen in the wild in recent weeks.

• Firefox zero-day leveraged to spread OSX/Netwire and OSX/Mokes
• LoudMiner aka Bird Miner found in “cracked” VST installers
• OSX/NewTab

MacDailyNews Take: As noted by Long, Mac users can scan their Macs with Intego’s VirusBarrier X9, available for free via Apple’s Mac App Store here.


  1. In particular the miner is wild….

    “… What’s particularly bizarre about this unwanted miner is that, rather than the mining software app running as a simple background process, the miner runs within an entire Linux operating system inside of a Qemu virtual machine. In other words, while you’re running macOS, another operating system boots up inside of macOS and starts running mining software. It’s unclear whether the pirates were just lazy and trying to come up with a cross-platform solution that took little effort, or whether they were trying to use this technique to hide from antivirus software that might detect the miner if it were running natively on the infected computer….’

    This is “Lazy?”

  2. How many of these are better described as “social engineering attacks”? I mean, I could call up some random number ask the person if they have admin rights to their computer then say that they MUST follow these steps (that will erase their hard drive) or all of their information is going to be spread across the internet. Does that make the telephone malware?

    1. No, because they depend on the user being tricked and providing admin permissions. THIS MALWARE IS OUT THERE NOW AND CAN AFFECT YOUR SYSTEM (just as soon as you provide the admin rights to do so)

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.