MacOS: BitCoinMiner-AS Malware – How to Remove It from Your Mac

SIDENOTE: This post was originally published in August 2018, but we gave it an update in August 2019.

MacOS: BitCoinMiner-AS is a malware cryptocurrency miner which can infect target hosts using a variety of different methods. Infections with it can lead to the deployment of other threats, and the consequences for victims include degraded system performance and the inability to use their computers in a normal way. Learn how to restore your Mac OS X computers from active infections by following our in-depth article.

Threat Summary

Name: MacOS: BitCoinMiner-AS
Type: Cryptocurrency miner for Mac OS X
Short Description: A malicious script that takes advantage of the available system resources, which in turn generates income for the hacker operators.
Symptoms: Victims will notice severe system performance issues.
Distribution Method: Bundled downloads, malicious scripts and other methods.

MacOS: BitCoinMiner-AS – How Did I Get It

MacOS: BitCoinMiner-AS is a specific cryptocurrency miner that is made compatible with Mac OS X computers. It can come in the form of JavaScript code found on hacker-controlled or hijacked pages. These websites may be popular sites or communities that the users visit, or fake copies of them. Counterfeit copies of sites can use design elements and domain names that sound similar to the legitimate versions. The only warning signs of infection are overall performance issues, as most of the malicious code is executed directly without prompts or pop-ups.

Other methods that can be used to spread the infection include the installation of infected software installers. They are made by taking the legitimate installers from the official vendor download sites and modifying them with the virus code. Targets are applications that are popular with end users: creativity suites, system utilities and productivity software.

Users can also infect themselves with the MacOS: BitCoinMiner-AS malware through malicious documents. This is done by opening files that contain virus scripts (macros). They can be of any type (presentations, spreadsheets, etc.) and once they are opened the users will be prompted to enable the content. When this is done the macros will download the malicious engine and the infection will follow.

Malicious scripts that can lead to MacOS: BitCoinMiner-AS infections include all kinds of pop-ups, banners, redirects and in-line links.

MacOS: BitCoinMiner-AS – More Information

Once the infection is active, the cryptocurrency miner module is started. Most threats of this type follow a predesigned execution pattern which is made up of the following steps:

  • Payload Delivery — The infection begins by downloading the malicious engine from a hardcoded download site. The relevant code is then run by the browser or the computer.
  • Miner Operations — The miner module is run with the predefined parameters downloaded from the hacker-controlled servers. It starts to utilize the available system resources in order to perform complex calculations.
  • Report — When the operations are complete, information is sent to the hacker servers and money in the form of digital currency is transferred to the hackers' wallets.
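
Since sustained resource use during the Miner Operations step is the main visible symptom, one way to triage a suspect Mac is to compare several process snapshots and keep only what stays CPU-heavy in all of them. This is an added example, not part of the original article: the function names, the 80% threshold and the sample snapshots (constructed, in the layout of `ps -Ao pid,pcpu,comm`) are assumptions.

```python
from collections import defaultdict

# Constructed snapshots, as if `ps -Ao pid,pcpu,comm` had been run three
# times some seconds apart. Process names and values are made up.
SNAPSHOTS = [
    """  PID  %CPU COMM
  312   2.1 /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
  845  97.4 /Users/alice/Library/Application Support/helperd
  901  88.0 /Applications/Safari.app/Contents/MacOS/Safari
""",
    """  PID  %CPU COMM
  312   1.4 /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
  845  96.1 /Users/alice/Library/Application Support/helperd
  901   3.2 /Applications/Safari.app/Contents/MacOS/Safari
  950  91.0 /usr/bin/zip
""",
    """  PID  %CPU COMM
  312   0.9 /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
  845  98,3 /Users/alice/Library/Application Support/helperd
  901   5.0 /Applications/Safari.app/Contents/MacOS/Safari
""",
]

def parse_snapshot(text):
    """Return {(pid, command): cpu_percent} for one ps snapshot."""
    procs = {}
    for line in text.splitlines():
        parts = line.split(None, 2)  # the command path may contain spaces
        if len(parts) < 3 or not parts[0].isdigit():
            continue  # header or blank line
        pid, cpu, comm = parts
        # Some locales print a decimal comma ("98,3").
        procs[(int(pid), comm.strip())] = float(cpu.replace(",", "."))
    return procs

def sustained_cpu(snapshots, threshold=80.0):
    """Processes at or above threshold in every snapshot, busiest first."""
    readings = defaultdict(list)
    for text in snapshots:
        for key, cpu in parse_snapshot(text).items():
            if cpu >= threshold:
                readings[key].append(cpu)
    # Keying on (pid, command) keeps a reused PID from merging two programs.
    hits = [(pid, comm, round(sum(v) / len(v), 1))
            for (pid, comm), v in readings.items() if len(v) == len(snapshots)]
    return sorted(hits, key=lambda h: h[2], reverse=True)

if __name__ == "__main__":
    for pid, comm, avg in sustained_cpu(SNAPSHOTS):
        print(f"{pid}\t{avg}%\t{comm}")
```

A hit is a lead for inspection rather than a verdict, and when the miner is JavaScript running in a page, the process that shows up is the browser itself.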

Other dangerous activities that can result from the virus's presence include the deployment of additional threats. The MacOS: BitCoinMiner-AS malware may be programmed to cause other dangerous changes to the infected machines. An example is the manipulation of boot records. This will automatically trigger the launch of the threat once the computer boots and may also disable certain components from launching.

Another malware activity that can follow is the installation of a Trojan module. It establishes an encrypted (secure) connection with a hacker-controlled server, which is used to spy on the users in real time and allows the criminals to take over control of the machines and steal files.

During the miner's execution it can also harvest information that can be grouped into one of these two categories:

  • Private Data — The malicious engine can harvest information that can expose the identity of the victims. This includes a person’s name, address, phone number, interests, location and account credentials.
  • Metrics — This data set consists of data that can be used to optimize follow-up attack campaigns. Example contents include a report of the installed hardware components and certain user-set settings.

Remove MacOS: BitCoinMiner-AS from Your Mac

To remove MacOS: BitCoinMiner-AS from your computer, we recommend that you use software that is designed to scan for, detect and remove all of the files and objects related to MacOS: BitCoinMiner-AS. Such a program also aims to ensure that your Mac remains protected against such invasive programs and malware in the future, while also maintaining good performance of your machine.


Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.
