Popeye

CookieMiner Malware


Yes, CookieMiner is just one of the payloads dropped by DarthMiner:

https://blog.malwarebytes.com/threat-analysis/2018/12/mac-malware-combines-empyre-backdoor-and-xmrig-miner/

The above article describes DarthMiner being used to drop a cryptocurrency miner, but later on the command and control server began distributing CookieMiner instead. DarthMiner has been detected by Malwarebytes for Mac since December, and the CookieMiner component has been detected since it was discovered in January.


Not sure why Graham is just getting around to writing this up today as the original article from Palo Alto Networks upon which it is based was published back in January.

Although it's been several months since I checked, as I recall even the free Malwarebytes for Mac detects components that have already been installed, but that probably indicates the user has already been compromised.


Thank you Thomas and alvarnell. :)


Thank you @Popeye...Great question and I agree we'd never get this question answered where we would like to get it answered. 🤣 Fast responses here..cool. I need to get Malwarebytes on my Mac like soon!!

9 minutes ago, Ssherjj said:

Fast responses here..cool. I need to get Malwarebytes on my Mac like soon!!

:welcome: Sherry. You won't be disappointed with Malwarebytes for Mac. :)


Ok @Popeye I will give it a whirl tomorrow. Just wondering if one can run MB with another AV or if you really need to?

30 minutes ago, Ssherjj said:

Ok @Popeye I will give it a whirl tomorrow. Just wondering if one can run MB with another AV or if you really need to?

https://forums.malwarebytes.com/topic/240387-malwarebytes-for-mac-enough/?do=findComment&comment=1286403

https://forums.malwarebytes.com/topic/250791-is-malwarebytes-premium-an-antivirus-program-too/

 

2 hours ago, Ssherjj said:

Ok @Popeye I will give it a whirl tomorrow. Just wondering if one can run MB with another AV or if you really need to?

You can normally run another AV if you really want to. There have been a few conflicts in the past, but I believe that’s mostly been taken care of. Still one or two that will refuse to install unless you remove all others, but that’s more of a competition thing than conflict.

Just make sure that only one is enabled for real-time / on-access scanning as this can cause conflict as they fight over who gets to scan new / revised files first.

3 hours ago, Popeye said:

Thank you Thomas and alvarnell. :)

You’re more than welcome. Glad I could help.

5 hours ago, alvarnell said:

You can normally run another AV if you really want to. There have been a few conflicts in the past, but I believe that’s mostly been taken care of. Still one or two that will refuse to install unless you remove all others, but that’s more of a competition thing than conflict.

Just make sure that only one is enabled for real-time / on-access scanning as this can cause conflict as they fight over who gets to scan new / revised files first.

Thank you so much for your quick response! I will keep this in mind. I believe @Popeye only runs Malwarebytes Premium on his Mac? Love the help that I get from you all. 😎

