Cryptocurrency-mining Mac malware OSAMiner uses AppleScripts to evade research

The cryptocurrency-mining malware OSAMiner has been known since 2015, but researchers have had trouble analyzing it because its payloads are exported as run-only AppleScript files, which makes them harder to decompile into source code.

However, a recent variant of the malware goes even further: it embeds a run-only AppleScript inside other scripts and uses URLs in public web pages to download the Monero miner.

OSAMiner is known to spread via pirated games and software, a popular example being Microsoft Office.


