To say that cryptocurrency trade in 2018 is a stressful activity would be a major understatement. Apart from keeping an eye on the market, one should also pay attention to the security or see their tokens vanish out of thin air.
I guess that many of you rely on cryptocurrency ticker apps to stay up-to-date with the current market situation, and to seamlessly monitor your crypto holdings. Yeah, I know that price fluctuation can be really intimidating sometimes but as I said before, you gotta have balls.
Now straight to the point, one guy sounded the alarm in the Malwarebytes forum, when he revealed some ticker apps installing unknown software on users’ devices. There seem to be something concerning about MacOS’ CoinTicker app. It looks like it installs two “open-source backdoors: EvilOSX and EggShell.”
As of writing, nobody has uncovered what these two malware pieces do with your (and our) machines. Nevertheless, Malwarebytes suspects that these are backdoors that could be the exit for your tokens. Put simply, security researchers believe that since this malware lies within a cryptocurrency app, their most likely task is to compromise your security and allow the bad actors to steal your fortune.
What makes this app perfect for setting up backdoors? It does not ask for access to root and administration privileges. Since after installation CoinTicker only shows cryptocurrency prices, there is nothing that can make you suspicious there is something wrong.
This is not the first time we see fraudsters come up with innovative ways to con reckless crypto geeks. This is especially true when talking about cryptojacking. There is no evidence that the above-mentioned pieces of malware are crypto mining scripts but do refrain from using CoinTicker at least for now. Of course, it is always better to be cryptojacked than being robbed. Luckily, you can always store your tokens in a cold wallet and give the baddies the finger.