SIDENOTE: This post was originally published in August 2018, and we updated it in August 2019.
MacOS: BitCoinMiner-AS is a malicious cryptocurrency miner that can infect target hosts using a variety of methods. Infections can lead to the deployment of other threats, and the consequences for victims include degraded system performance and the inability to use their computers normally. Learn how to restore your Mac OS X computers from active infections by following our in-depth article.
| Type | Cryptocurrency miner for Mac OS X |
| Short Description | A malicious script that takes advantage of the available system resources, which in turn generates income for the hacker operators. |
| Symptoms | Victims will notice severe system performance issues. |
| Distribution Method | Bundled downloads, malicious scripts and other methods. |
MacOS: BitCoinMiner-AS – How Did I Get It
Other methods that can be used to spread the infection include infected software installers. They are made by taking the legitimate installers from the official vendor download sites and modifying them with the virus code. The targets are applications that are popular with end users: creativity suites, system utilities and productivity software.
Users can also infect themselves with the MacOS: BitCoinMiner-AS malware through malicious documents. This is done by opening files that contain virus scripts (macros). They can be of any type (presentations, spreadsheets, etc.), and once they are opened the users will be prompted to enable the content. When this is done, the macros will download the malicious engine and the infection will follow.
Malicious scripts that can lead to MacOS: BitCoinMiner-AS infections include all kinds of pop-ups, banners, redirects and in-line links.
MacOS: BitCoinMiner-AS – More Information
Once the infection is running, the cryptocurrency miner module is started. Most threats of this type follow a predesigned execution pattern made up of the following steps:
- Payload Delivery — The infection begins by downloading the malicious engine from a hardcoded download site. The relevant code is then run by the browser or the computer.
- Miner Operations — The miner module is run with the predefined parameters downloaded from the hacker-controlled servers. It starts to utilize the available system resources in order to perform complex calculations.
- Report — When the operations are complete, information is sent to the hacker servers and money in the form of digital currency is transferred to the hackers' wallets.
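As an added example (not part of the original article), the sustained resource use described under Miner Operations can be told apart from a legitimate short CPU burst by comparing several `ps -Ao pid,pcpu,comm` snapshots. The snapshots, PIDs, paths, threshold and function names below are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: three snapshots of `ps -Ao pid,pcpu,comm` taken a minute
# apart. PIDs and paths are made up for illustration.
SAMPLE_SNAPSHOTS = [
    """  PID  %CPU COMM
  845  96.4 /Users/demo/Library/.cache/helperd
  901  88.0 /Applications/Video Encoder.app/Contents/MacOS/Video Encoder
""",
    """  PID  %CPU COMM
  845  97.1 /Users/demo/Library/.cache/helperd
  901   3.2 /Applications/Video Encoder.app/Contents/MacOS/Video Encoder
""",
    """  PID  %CPU COMM
  845  95.9 /Users/demo/Library/.cache/helperd
  901   1.0 /Applications/Video Encoder.app/Contents/MacOS/Video Encoder
""",
]

def parse_ps(text):
    """Return {(pid, command): cpu_percent} for one snapshot."""
    rows = {}
    for line in text.splitlines():
        parts = line.split(None, 2)  # command paths may contain spaces
        if len(parts) != 3 or not parts[0].isdigit():
            continue  # header or malformed line
        try:
            rows[(int(parts[0]), parts[2].strip())] = float(parts[1])
        except ValueError:
            continue  # CPU column was not a number
    return rows

def sustained_high_cpu(snapshots, threshold=80.0, min_hits=3, allowlist=()):
    """List (pid, command, mean_cpu) for processes at or above `threshold`
    percent CPU in at least `min_hits` snapshots, skipping allowlisted paths."""
    readings = defaultdict(list)
    for snap in snapshots:
        for key, cpu in parse_ps(snap).items():
            readings[key].append(cpu)
    flagged = []
    for (pid, comm), values in readings.items():
        hits = sum(v >= threshold for v in values)
        if hits >= min_hits and comm not in allowlist:
            flagged.append((pid, comm, round(sum(values) / len(values), 1)))
    return sorted(flagged, key=lambda row: -row[2])

if __name__ == "__main__":
    for pid, comm, mean in sustained_high_cpu(SAMPLE_SNAPSHOTS):
        print(f"pid {pid}: {comm} averaged {mean}% CPU")
```

A flagged process is only a lead for review: long renders, builds and backups also hold the CPU, which is what the `allowlist` argument is for.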
Other dangerous activities that come with the virus's presence include the deployment of additional threats. The MacOS: BitCoinMiner-AS malware can also be programmed to cause other dangerous changes to the infected machines. An example is the manipulation of boot records, which automatically triggers the launch of the threat once the computer boots and may also disable certain components from launching.
Another malware activity that can follow is the installation of a Trojan module. It establishes an encrypted (secure) connection with a hacker-controlled server, which is used to spy on the users in real time, allow the criminals to take over control of the machines and steal files.
During the miner's execution it can also harvest information that can be grouped into one of these two categories:
- Private Data — The malicious engine can harvest information that can expose the identity of the victims. This includes a person’s name, address, phone number, interests, location and account credentials.
- Metrics — This data set consists of data that can be used to optimize follow-up attack campaigns. Example contents include a report of the installed hardware components and certain user-set settings.
Remove MacOS: BitCoinMiner-AS from Your Mac
In order to remove MacOS: BitCoinMiner-AS from your computer, we recommend that you use specific software designed to scan for and detect all of the files and objects related to MacOS: BitCoinMiner-AS and remove them. Such a program also aims to ensure that your Mac remains protected against such invasive programs and malware in the future, while maintaining good performance of your machine.