- Mac OS X
- Last updated:
- 11/01/18 6:01 pm
- Threat Level:
EvilEgg is malware. EvilEgg comes disguised as a macOS utility called CoinTicker, which is supposed to provide users with information on various types of cryptocurrency. Interestingly, the app itself appears to function as advertised. However, once launched, CoinTicker also proceeds to download two malicious components: the EvilOSX and EggShell backdoors (whence the name EvilEgg).
The backdoors contact a command and control server owned by the hackers, who are then able to execute a broad range of commands on the infected system. CoinTicker also creates a user launch agent that will download the backdoors again periodically. While the exact purpose of EvilEgg is undetermined, its delivery mechanism suggests that it may be intended to provide access to cryptocurrency wallets on compromised Macs with the end goal of stealing cryptocurrency.
EvilEgg Threat Removal
MacScan can detect and remove EvilEgg Malware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.