Pirated copies of Final Cut Pro were riddled with Mac malware

Pirated copies of a popular video editing software tool for Mac devices have been found distributing malware on torrent sites. 

Researchers from Jamf Threat Labs stumbled upon an instance of XMRig, a popular cryptocurrency miner that’s often used in cryptojacking attacks, disguised as Apple’s Final Cut Pro offering.

Cryptojacking is essentially device hijacking, where a threat actor installs a miner and sends all of the generated tokens to an address they own. It’s called hijacking because when a miner is running, it usually takes up all of the device’s computing power, rendering it useless for pretty much anything else.

Hiding from antiviruses

Deeper analysis by Jamf determined that it was a pirated version of Final Cut Pro, modified to run XMRig in the background.

While XMRig is usually picked up by antivirus programs, this variant somehow remained under the radar. At the time of their report, the researchers said, VirusTotal was still not recognizing the pirated Final Cut Pro version as malicious.

The program was being distributed through Pirate Bay, one of the world’s most popular torrent sites, the researchers added, and the user who uploaded it is a “well-known uploader”.

Commenting on the discovery, Apple told 9To5Mac: “We continue to update XProtect to block this malware, including the specific variants cited in JAMF’s research. Additionally, this malware family does not bypass Gatekeeper protections. The Mac App Store provides the safest place to get software for the Mac. For software downloaded outside the Mac App Store, Apple uses industry-leading technical mechanisms, such as the Apple notary service and XProtect, to protect users by detecting malware and blocking it so it can’t run.”

As usual, the best way to protect against these threats is to only download legal software, from legitimate sources. Torrents, cracks and keygens, and other illegal software found online are filled with viruses and malware. To keep endpoints protected, one can also install an antivirus program and a firewall, and set up multi-factor authentication whenever possible.

Via: 9To5Mac

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
