4/28/2023

Xtorrent pro mac

Cryptojacking Mac malware “Honkbox” found in pirated apps

Over the past couple weeks, multiple reports about cryptojacking and cryptocurrency-stealing Mac malware have surfaced. Apple calls this Trojan horse malware “Honkbox.”

Let’s examine what we know about this malware, and how to safely remove it from infected systems.

- What is Honkbox’s history, and how was it discovered?
- What does Honkbox do to an infected computer?
- What else is noteworthy about Honkbox malware?
- How can one remove or prevent Honkbox and other Mac malware?
- Honkbox indicators of compromise (IoCs).

What is Honkbox’s history, and how was it discovered?

Early last year, on February 21, 2022, Trend Micro researcher Luis Magisa wrote what may have been the first public report about the malware that later became known as Honkbox. Magisa described the malware as the “latest Mac coinminer,” noting that it “utilizes open-source binaries and the I2P network” (more on that in a moment).

On February 23, 2023, Jamf researchers published their own research, calling it “evasive cryptojacking malware” found in pirated Mac apps. According to their report, Jamf had been tracking recent developments of the malware family for a few months prior to publishing their research. Intego had also internally analyzed many Honkbox-related coin-miner malware samples months prior to Jamf’s write-up.

New variants of this malware initially came on Jamf’s radar during routine threat hunting, when they noticed that a Trojanized version of Apple’s Final Cut Pro included XMRig, which is cross-platform cryptocurrency mining software. (As an aside, Intego has previously written about a PUA in the Mac App Store that utilized similar mining software, XMR-Stak, in violation of Apple’s policies.)

The malware also employed Invisible Internet Project (I2P, or I2PD) technology (similar to Tor) to mask its bad network behavior, which included downloading payloads and sending any mined cryptocurrency to the malware maker. Notably, this is, to our recollection and that of other researchers, likely the first Mac malware that has leveraged I2P. Both I2PD and XMRig are open-source utilities.

Jamf’s research team was able to locate the malware sample in the wild via a mirror of The Pirate Bay, a BitTorrent file distribution site. The same user who had shared the pirated and Trojanized copy of Final Cut Pro had also been offering a number of other apps illegitimately since August 2019.