Pirated copies of Final Cut Pro were riddled with Mac malware

In a shocking twist of events, pirated software was carrying malware

Pirated copies of a popular video editing software tool for Mac devices have been found distributing malware on torrent sites.

Researchers from Jamf Threat Labs stumbled upon an instance of XMRig, a popular cryptocurrency miner that’s often used in cryptojacking attacks, disguised as Apple’s Final Cut Pro offering.

Cryptojacking is essentially device hijacking, where a threat actor installs a miner and sends all of the generated tokens to an address they own. It’s called hijacking because when a miner is running, it usually takes up all of the device’s computing power, rendering it useless for pretty much anything else.

Hiding from antiviruses

Deeper analysis by Jamf determined that it was a pirated version of Final Cut Pro, modified to run XMRig in the background.

While XMRig is usually picked up by antivirus programs, this variant somehow remained under the radar. At the time of their report, the researchers said, VirusTotal was still not recognizing the pirated Final Cut Pro version as malicious.

The program was being distributed through Pirate Bay, the researchers added, as Pirate Bay is one of the world’s most popular torrent sites, and the user that uploaded it is a “well-known uploader”.

Commenting on the discovery, Apple told 9To5Mac: “We continue to update XProtect to block this malware, including the specific variants cited in JAMF’s research. Additionally, this malware family does not bypass Gatekeeper protections. The Mac App Store provides the safest place to get software for the Mac. For software downloaded outside the Mac App Store, Apple uses industry-leading technical mechanisms, such as the Apple notary service and XProtect, to protect users by detecting malware and blocking it so it can’t run.”

As usual, the best way to protect against these threats is to only download legal software, from legitimate sources. Torrents, cracks and keygens, and other illegal software found online are filled with viruses and malware. To keep the endpoints protected, one can also install an antivirus program and a firewall, and set up multi-factor authentication whenever possible.

Via: 9To5Mac

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
