Once upon a time, Mac users felt they were within a special, impenetrable bubble, where no malicious software, or hacker could reach. It was the butt of all Windows jokes, up until the past decade. Shortly after the new millennium hit the double digits, word of malware affecting Macs began circulating, and eventually a few actual infections happened, not only in a few isolated Macs, but within the App Store itself, in the form of an infected BitTorrent client application.
As usual, Apple was quick to act, but the truth of the matter is that no matter what you use, whether it’s a Windows PC, Apple Mac, or even a Linux box, hackers with a purpose will find a way to blow past your defenses and inflict damage, especially when ignoring most common sense rules.
The latest comes from Reddit user BackwardsBinary, who reported a piece of malware called “mshelper”. The effect of the malicious software on a Mac isn’t immediately obvious, as it doesn't manifest itself visually to the user, in fact, gone are the days when malware would “announce itself” with annoying pop-ups, threatening messages, or by hijacking your internet browser.
With that said, mshelper can be spotted easily within Activity Monitor, as its primary characteristic is to stress your Mac’s hardware resources. When operational, mshelper will cause the battery on your Mac to drain faster, and cooling fans will spin at full speed to keep up with the intense workload.
While BackwardBinary doesn’t currently have a solid lead on what mshelper actually does, the going theory is that the malware is designed for “cryptojacking”, which is the practice of hijacking a computer’s resources and use it to mine cryptocurrency.
The processes involved in crypto-mining are intense and require considerable hardware resources, which is why the practice require the use of powerful GPUs. If your Mac is affected, and the malware is allowed to run long enough, permanent damage is likely.
Getting rid of mshelper is relatively easy, as mentioned earlier, simply run Activity Monitor, and click on the CPU tab. Reorder the list of running apps by “% CPU” tab, and observe which apps are consuming the most CPU resources. If mshelper is installed, it should be visible on top of the list or close to the top.
Next, open Finder, and navigate to Macintosh HD > Library > LaunchDaemons and find the file labeled “com.pplauncher.plist” and delete the file. Finally, navigate back to Library, click on Application Support, and delete the file labeled “pplauncher”.
Once these steps are complete, restart your Mac.
Ready to shop?
If you are looking for the perfect MacBook, PortableOne has you covered with a great selection of Apple MacBooks, as well as the newly unveiled 13 inch and 15 inch MacBook Pro with TouchBar.