CoinTicker

Malware updated 15 days ago (2024-11-29T14:28:13.556Z)
Download STIX
Preview STIX
CoinTicker is a deceptive piece of malware that, on the surface, appears to be a legitimate application potentially useful for cryptocurrency investors. However, this software is designed to exploit and damage your computer or device, infiltrating the system through seemingly innocuous downloads, emails, or websites. Once installed, it can steal personal information, disrupt operations, or even hold data hostage for ransom. Notably, CoinTicker does not require anything beyond normal user permissions, making it particularly insidious. The CoinTicker app also establishes a user launch agent, named .espl.plist, which periodically runs the same command, thereby ensuring its persistent presence on the infected device. This aspect of the malware allows it to continuously monitor and interfere with the user's activities. Like many other malware and adware families, including Shlayer and Bundlore, CoinTicker uses the built-in utility curl to download its payload, further demonstrating its sophisticated design. In response to the threat posed by CoinTicker, Malwarebytes for Mac has updated its detection capabilities to identify and remove this malicious application, along with the other components of the malware, under the designation OSX.EvilEgg. This proactive step aims to protect users from the potential harm caused by CoinTicker, ensuring the safety and integrity of their systems and personal information.
Description last updated: 2024-10-21T08:37:10.126Z
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the CoinTicker Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more