This article was published on October 30, 2018

PSA: Buggy cryptocurrency price ticker exposes Mac users’ funds to theft

Make sure your Mac doesn't get sick


PSA: Buggy cryptocurrency price ticker exposes Mac users’ funds to theft

Cryptocurrency ticker apps can be handy little tools for staying up-to-date with the fluctuating price of your cryptocurrency hodlings. That is, when they’re not installing backdoors that open your computer to potentially malicious attack.

One keen eyed Malwarebytes forum user recently noticed that one cryptocurrency ticker app for MacOS called CoinTicker was exhibiting some suspicious behavior.

According to the Malwarebytes blog the CoinTicker app installs two “open-source backdoors: EvilOSX and EggShell.”

It remains unclear what these two pieces of malware are trying to do on users’ machines. However, Malwarebytes believes that due to the malware being packaged within a cryptocurrency app, they are most likely backdoors that will be used to steal coins from unwitting victims.

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Perhaps the most alarming component of this app is that it does not ask the user for administration or root privileges. It installs an icon to the menu bar that displays the current price of Bitcoin and other cryptocurrencies. In effect, there is no reason for the user to be suspicious of anything.

Cryptocurrency scammers and hackers are finding ever more creative ways to perform their shady business. Indeed, hackers recently found a way to package cryptocurrency mining malware with legitimate updates of Adobe Flash.

Always be sure to install software from reputable sources, and even then, pay attention to make sure it’s running exactly as it should.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Published
Back to top