CookieMiner Malware



Yes, CookieMiner is just one of the payloads dropped by DarthMiner:

https://blog.malwarebytes.com/threat-analysis/2018/12/mac-malware-combines-empyre-backdoor-and-xmrig-miner/

The above article describes DarthMiner being used to drop a cryptocurrency miner, but later on the command and control server began distributing CookieMiner instead. DarthMiner has been detected by Malwarebytes for Mac since December, and the CookieMiner component has been detected since it was discovered in January.


Not sure why Graham is just getting around to writing this up today as the original article from Palo Alto Networks upon which it is based was published back in January.

Although it's been several months since I checked, as I recall even the free Malwarebytes for Mac detects components that have already been installed, but that probably indicates the user has already been compromised.


9 minutes ago, Ssherjj said:

Fast responses here..cool. I need to get Malwarebytes on my Mac like soon!!

:welcome: Sherry. You won't be disappointed with Malwarebytes for Mac. :)


30 minutes ago, Ssherjj said:

  Ok @Popeye I will give it a whirl tomorrow. Just wondering if one can run MB with another AV or if you really need to?

https://forums.malwarebytes.com/topic/240387-malwarebytes-for-mac-enough/?do=findComment&comment=1286403

https://forums.malwarebytes.com/topic/250791-is-malwarebytes-premium-an-antivirus-program-too/

 


2 hours ago, Ssherjj said:

  Ok @Popeye I will give it a whirl tomorrow. Just wondering if one can run MB with another AV or if you really need to?

You can normally run another AV if you really want to. There have been a few conflicts in the past, but I believe that’s mostly been taken care of. Still one or two that will refuse to install unless you remove all others, but that’s more of a competition thing than conflict.

Just make sure that only one is enabled for real-time / on-access scanning as this can cause conflict as they fight over who gets to scan new / revised files first.


5 hours ago, alvarnell said:

You can normally run another AV if you really want to. There have been a few conflicts in the past, but I believe that’s mostly been taken care of. Still one or two that will refuse to install unless you remove all others, but that’s more of a competition thing than conflict.

Just make sure that only one is enabled for real-time / on-access scanning as this can cause conflict as they fight over who gets to scan new / revised files first.

Thank you so much for your quick response! I will keep this in mind. I believe @Popeye only runs Malwarebytes Premium on his Mac? Love the help that I get from you all. 😎

