It further claims that the malware has been discreet enough to evade detection by Apple’s security checks on Mac until now. It has done so by disguising itself as Final Cut Pro, Apple’s own video editing software. In operation, the malware uses the Invisible Internet Project (I2P) to download malicious code and to transfer the mined cryptocurrency to the attacker’s crypto wallet.
Cryptocurrency mining is inherently a resource-hungry task and requires significant processing power. Jamf has also warned that the power of Apple Silicon Macs may make them increasingly popular targets for cryptojacking attacks, where malware uses the processing power of users’ machines to mine cryptocurrencies for the benefit of attackers.
Apple’s response to cryptojacking malware claims
In its reply to 9to5Mac, Apple said, “We continue to update XProtect to block this malware, including the specific variants cited in JAMF’s research. Additionally, this malware family does not bypass Gatekeeper protections.”
Additionally, the company stressed the effectiveness of its digital storefront’s security. It added, “The Mac App Store provides the safest place to get software for the Mac. For software downloaded outside the Mac App Store, Apple uses industry-leading technical mechanisms, such as the Apple notary service and XProtect, to protect users by detecting malware and blocking it so it can’t run.”