A new cryptominer, dubbed Bird Miner, has been spotted in the wild targeting Mac devices and running via Linux emulation under the guise of a production software tool.
Malwarebytes researchers described Bird Miner as “somewhat stealthy” due to its instructions to bail out at multiple points if Activity Monitor is running and because of its ability to obfuscate the miner code by hiding it inside Qemu images, according to a June 23 blog post.
It’s also worth noting that the malware runs via emulation, when it could easily run as native code and could have had better performance and a smaller footprint as a result.
Researchers found the malware hidden in cracked installer for the high-end music production software Ableton Live, an instrument used for live performances, composing, recording, mixing, and mastering.
The software retails for $749 but a can be downloaded from a piracy website called VST Crack and despite being more than 2.6 GB the program’s size is not unusual for such an app.
Upon closer inspection, researchers spotted clues that gave away signs of something being off, such as the fi ..
Support the originator by clicking the read the rest link below.
