Cryptocurrency ticker apps can be handy little tools for staying up-to-date with the fluctuating price of your cryptocurrency hodlings. That is, when they’re not installing backdoors that open your computer to potentially malicious attack.
One keen eyed Malwarebytes forum user recently noticed that one cryptocurrency ticker app for MacOS called CoinTicker was exhibiting some suspicious behavior.
According to the Malwarebytes blog the CoinTicker app installs two “open-source backdoors: EvilOSX and EggShell.”
It remains unclear what these two pieces of malware are trying to do on users’ machines. However, Malwarebytes believes that due to the malware being packaged within a cryptocurrency app, they are most likely backdoors that will be used to steal coins from unwitting victims.
Perhaps the most alarming component of this app is that it does not ask the user for administration or root privileges. It installs an icon to the menu bar that displays the current price of Bitcoin and other cryptocurrencies. In effect, there is no reason for the user to be suspicious of anything.
Cryptocurrency scammers and hackers are finding ever more creative ways to perform their shady business. Indeed, hackers recently found a way to package cryptocurrency mining malware with legitimate updates of Adobe Flash.
Always be sure to install software from reputable sources, and even then, pay attention to make sure it’s running exactly as it should.
Published October 30, 2018 — 10:05 UTC