New Mac cryptominer malware, called “mshelper,“ is the news that many affected MacOS users have reported on Reddit and Apple Support Communities in order to know more information find solutions to remove malicious code from an affected Mac.
Cryptojacking has already been designed to automatically mine cryptocurrency on your computer without your knowledge, which makes the CPU overwork and hog other resources.
The payload will show up to be delivered through modified downloads like the Adobe Flash installer. You’re usually recommended to download software outside Mac App Store from verifiable sources, official websites. Until Apple lists “mshelper” into macOS’s Quarantine blacklist, you have to manually detect and remove the malware from your MacOS.
What is Mac cryptominer malware “mshelper”?
Mshelper” comes in a form of Mac cryptominer malware. Once a host is infected, it will monopolize your Mac’s CPU and other system resources to mine Bitcoins on your computer. Mining is always a CPU-heavy process that does extensive calculations.
According to MalwareBytes, although this particular malware does not steal or delete your data, it makes use of your computer resources. Since the CPU usage gets high, your Mac will become unresponsive, run slowly. Because your CPU is fully utilized, your Mac fan will also kick into overdrive.
If you feel your Mac is getting warmer and the fan sound is getting louder for no apparent reason, your device is absolutely affected with “mshelper”. Here’s you can check if “mshelper” has infected your MacOS system as well as steps to remove it.
How to remove “mshelper” from your Mac
First of all, you need to find out if your Mac has been infected:
- Launch Activity Monitor from /Applications/Utilities.
- Click on the CPU tab and then sort the list by the processes to see CPU usage. Look at the top of the list. If you see a process called “mshelper” that is eating up a lot of your CPU, your computer is infected by this malware. After that, proceed with the tutorial to delete “mshelper” from your machine.
- Select the Go To Folder command from the Finder’s Go
- Enter the path “/Library/LaunchDaemons/”and then click on the Go
- If you see the “com.pplauncher.plist” file in the Finder window, just delete it. Its full path is:
- Continue to select the Go To Folder command from the Finder’s Go
- Enter the path “/Library/Application Support/pplauncher/”and click on the Go
- When you see the “pplauncher” file in the Finder window, simply delete it. Its full patch is:
- Once done, restart your Mac. That’s it.
Check again if the annoying cryptominer is no longer on your Mac. To do so, launch Activity Monitor, sort the process and then confirm that “mshelper” no longer appears.
According to Alex de Vries, a blockchain evangelist and financial economist, Bitcoin mining takes up 0.5% of electrical energy in the world in 2018.
Is your Mac being affected by Cryptominer Malware “mshelper”? Follow the above steps to delete it on your Mac.