Malwarebyte on Monday warned that a price tracking program called "CoinTicker" was installing malware on Apple's Mac computers.
The application downloads and installs parts of two different parts of malware - EvilOSX and EggShell - both applications that can be used to register private keys, steal data or execute certain commands. Malwarebytes manager Thomas Reed has written that it is possible that malware has been created to steal digital currency keys.
CoinTicker works as an application designed to display the price of selected digital currencies upon request. The user who installs the application can also choose between btc, eth, monero, and zcash. However, the application also installs the EvilOSX and EggShell programs in the background. The application does not require any breach of regulations or any other permissions. Which means that the user is likely not to see any evidence of vulnerability to these malware.
It is not clear exactly what the application creators want, but Reid pointed out that it seems likely that the purpose of the malware is to access the digital currency portfolios of users for the purpose of stealing those currencies. He wrote that malware is distributed through a digital currency application that supports this theory. The Malwarebytes program for Mac is now looking for the implementation of CoinTicker as well as malware components.