SecureMac, Inc.

Some Apps on the Mac App Store Are Mining Cryptocurrency

March 19, 2018

The wave of cryptocurrency miners taking the place of common malware continues in 2018 unabated, and it appears every week we encounter another story about a website running surreptitious miners or a company looking for ways to use your CPU resources. As Mac users, we should be safe from those when we’re downloading validly signed apps from the Mac App Store, right? As it turns out, no — not all the time, unfortunately. In fact, it appears that Apple let an app with a Monero miner slip right through …

Some Apps on the Mac App Store Are Mining Cryptocurrency

The wave of cryptocurrency miners taking the place of common malware continues in 2018 unabated, and it appears every week we encounter another story about a website running surreptitious miners or a company looking for ways to use your CPU resources. As Mac users, we should be safe from those when we’re downloading validly signed apps from the Mac App Store, right? As it turns out, no — not all the time, unfortunately. In fact, it appears that Apple let an app with a Monero miner slip right through the review process to enter the main storefront.

Called Calendar 2, the app boasts that it offers more and richer features than in the stock macOS calendar app. For power users and those with busy schedules, this could seem like a good deal: it’s a chance to do more with a simple, quick download. Like many similar apps, it locks many of its most useful features behind a premium paywall. Users have the option to pay a one-time fee or opt for a monthly subscription plan to access these features. Calendar 2, however, goes one step further: it actually informs users that if they allow the app to use their device to mine cryptocurrency, they can access all the premium features for free.

Typically, miners do not go out of their way to make it known they’re using your idle CPU cycles. However, the designer of Calendar 2 seems to think that by disclosing it, they could skirt App Store guidelines and be in the clear. Given that the app made it through the review process (which largely focuses on ensuring no malware or illegal API calls are present) and onto the App Store, it seemed at first as if they had succeeded. Users who enabled the feature would allow the app to begin running a background crypto miner. Based on app store reviews, it wasn’t subtle, either, oftentimes using up all a user’s available CPU power.

Though Calendar 2 remained up for a few days after this discovery, Apple pulled the app from the Mac App Store after security researchers alerted the Cupertino-based company to the issue. Are there other miners lurking out there on the store? For now, we don’t know for sure, but it’s clear that this is something both users and Apple itself must watch out for in the future. This example highlights that we must maintain vigilance in what we allow apps to access on our devices, no matter where that app may come from!

Get the latest security news and deals