Security

MacOS:BitCoinMiner-AS

By Yana Khodun
May 23, 2024

In this article you will find the following:

Are you dealing with a MacOS:BitCoinMine-AS infection? This malicious software has the power to take over your Mac, using it to create income for hackers—while you get left with a slow and unstable computer. It can also leave your Mac open to other malware, making it even more of a threat.

 

In this article, you’ll learn how to identify and get rid of MacOS:BitCoinMine-AS, and how to stop it coming back again.

In this article you will find the following:

Before we start:

 

Looking for a quick and easy way to deal with a malware infection like MacOS:BitCoinMiner-AS? MacKeeper’s Antivirus has got it covered. Here’s how to use it to run an on-demand scan:

  1. Download and run MacKeeper, then select Antivirus.
  2. Click Start Scan.
  3. When the scan is done, select anything suspicious in the results, and click Delete.
  4. Click Delete in the pop-up to confirm.

That’s just one of many features in MacKeeper. Check it out today to see what else it can do for you and your Mac.

What is MacOS:BitCoinMiner-AS?

MacOS:BitCoinMine-AS is what’s known as a cryptocurrency miner, a type of virus that uses the host computer’s processing power to solve cryptomining problems. By solving these problems, the criminals can generate new cryptocurrency, which they can then sell or trade with.

 

Cryptocurrency can have a lot of value, but it takes a long time and a lot of processing power to mine it. That’s why criminals create malware like MacOS:BitCoinMine-AS, to steal your computing power, regardless of the effect it has on you. If your system gets infected with a cryptocurrency virus, it’ll likely be just one of many compromised computers, working together without their owners’ knowledge.

 

As its name suggests, MacOS:BitCoinMine-AS is aimed at Mac computers and macOS. Although it has Bitcoin in the name, there’s nothing to stop this malicious software from mining for other cryptocurrencies too.

 

As well as mining for cryptocurrency, MacOS:BitCoinMiner-AS may also make other changes to your Mac that cause problems. They include:

  • Changing your Mac’s startup behavior: By doing this, MacOS:BitCoinMiner-AS can immediately load and start mining, as soon as you start your computer.
  • Stealing data: MacOS:BitCoinMiner-AS is already connecting to the internet to mine crypto and generate income for the hackers. There’s nothing to stop it from stealing your personal data at the same time and sharing it with criminals.
  • Collecting hardware information: The malware might also collect and share information about your Mac. This can help the hackers to launch follow-up attacks.
  • Directing you to phishing sites: If the malware infects your web browser, it could serve you copies of familiar websites. These fake sites will be controlled by hackers. For example, you think you’re logging into your bank account, but you’re just sending your login details to the criminals. Read our guide on types of phishing to learn more.

Symptoms of MacOS:BitCoinMiner-AS infection

How do you know if you have MacOS:BitCoinMiner-AS on your Mac? Without an antivirus app, it’s difficult to be sure, but there are some telltale signs your Mac’s security may have been compromised:

  • Your Mac runs much slower than normal.
  • You experience frequent freezes when your Mac becomes unresponsive.
  • You hear your Mac’s fans spinning loudly and constantly, even when your hardware is cool.
  • Browsing the web is slow or unpredictable.
  • When you open your browser, you get redirected to a website you don’t expect.

How did MacOS:BitCoinMiner-AS get on your Mac?

Like a lot of malware, MacOS:BitCoinMiner-AS can end up on your Apple hardware via many different routes:

  1. One common method of infection is an infected webpage. This could be on a website controlled by hackers or an otherwise innocent site that’s been hijacked by criminals. If you visit one of these sites, they can use flaws in your web browser to infect the rest of your Mac.
  2. Hackers may also use Trojans to trick you. Just like the Trojan horse of legend, Trojan malware will be disguised as something innocuous but will contain a hidden—and very nasty—surprise. For example, you might download what you think is legitimate software, but as soon as you install or run it, a virus is released onto your system. The infected app may run as normal too, so you’re less likely to suspect anything is wrong.
  3. The virus can be hidden in documents too. That includes text documents and spreadsheets. When you open them, MacOS:BitCoinMiner-AS can be installed in the background, and you may never know it’s happened.

How to get rid of MacOS:BitCoinMiner-AS

To get rid of MacOS:BitCoinMiner-AS, follow our instructions below:

  1. Back up your files.
  2. Scan your Mac with antivirus and remove MacOS:BitCoinMiner-AS.
  3. Remove anything else related to MacOS:BitCoinMiner-AS.
  4. Delete MacOS:BitCoinMiner-AS browser extensions.

Let’s look at this process in a bit more detail. If your Mac is infected with MacOS:BitCoinMine-AS, follow these steps to remove this unwanted guest forever:

  1. Create a backup of any important files
  2. Scan your Mac with antivirus software, and remove the MacOS:BitCoinMiner-AS virus
  3. Remove files and objects related to MacOS:BitCoinMiner-AS
  4. Clear your browser from minor leftovers

1. Create a backup of any important files

Before making any changes to your Mac, you should back up any important files. If anything were to go wrong during the removal of MacOS:BitCoinMiner-AS, at least you wouldn’t lose your valuable data.

 

We recommend making backup files on an external hard drive or in a cloud location like iCloud. Just make sure not to back up anything that could be carrying malware—including recently added apps.

 

Of course, you can also create full backups of your Mac using Time Machine, but there’s a good reason not to do that in this case. If you make a backup of macOS while it has a malware infection, you’ll potentially back up the malware threats at the same time. As soon as you restore from that backup, you’ll reinstall the malware.

2. Scan your Mac with antivirus software and remove the MacOS:BitCoinMiner-AS virus

Once you’ve backed up your important files, it’s time to remove MacOS:BitCoinMiner-AS from your Mac. To do this quickly and easily, use MacKeeper’s Antivirus tool:

  1. In MacKeeper, select Antivirus from the sidebar, and click Start Scan.
  2. When the scan is done, select what you want to remove, and click Delete.
  3. Click the Delete button to confirm.
Open up MacKeeper, and select Antivirus from the sidebar on the left. Click 'Start Scan' and wait for the anti-malware scan to finish.
Step 1. Open Antivirus and click Start Scan
When MacKeeper has finished scanning your Mac, select any malware or other suspicious files that it's found and click 'Delete'.
Step 2. Select what to remove and click Delete
Before MacKeeper deletes the files completely, you'll need to confirm that you want to remove them. Click 'Delete' and you're done.
Step 3. Confirm removal of malware

That’s all it takes to remove malware on a MacBook, iMac, or Mac mini. Cryptominer or not, it’s a good idea to have MacKeeper installed at all times.

3. Remove files and objects related to MacOS:BitCoinMiner-AS

Getting rid of the main infection is just the first step. If MacOS:BitCoinMiner-AS has installed other elements on your Mac, you may need to clear them out separately. Follow these steps to check for and uninstall files and objects related to MacOS:BitCoinMiner-AS:

  1. Check your Applications folder for suspicious apps. Delete any you find.
  2. Open Activity Monitor from Applications > Utilities, and look for any activity that might be related to the malware.
  3. Double-click the suspicious process, then click Quit. Click Quit to confirm.
  4. Next, in Finder, select Go > Go to Folder in the menu bar. Type /Library/LaunchAgents/ and press Return.
  5. Search the LaunchAgents folder and delete anything that might be related to MacOS:BitCoinMiner-AS. Repeat this process with ~/Library/LaunchAgents and /Library/LaunchDaemons.
Look in your Applications folder for anything that might be related to the MacOS:BitCoinMiner-AS. Drag it to your Trash, then empty it.
Step 1. Check your Applications folder for suspicious apps
Open the macOS Activity Monitor in Application > Utilities, then look through the background processes for anything suspicious. Double-click anything you want to stop.
Step 2. Look for suspicious process in Activity Monitor
Click the 'Quit' button. This will bring up a pop-up, and you'll need to hit the 'Quit' button on that too. This will stop the background process from running.
Step 3. Quit background processes
Select Go > Go to Folder in your menu bar, then navigate to your LaunchAgents folder. This contains processes that start every time you load up macOS.
Step 4. Go to your LaunchAgents folder
Look through the contents of the LaunchAgents folder for anything that might be related to MacOS:BitCoinMiner-AS. Delete it, making sure to empty your Trash too.
Step 5. Look for LaunchAgents to delete

4. Clear your browser from minor leftovers

As well as installing rogue apps and login items on your Mac, MacOS:BitCoinMiner-AS may also infect your web browser. If you notice a suspicious browser extension or if your browser automatically redirects to a suspicious website, then you need to take action.

 

To clean up your Safari browser after a cryptominer infection:

  1. In the menu bar, select Safari > Settings (this is called Preferences in earlier versions of macOS).
  2. In the Extensions section, select an extension to remove. Click the Remove button.
  3. Click Show in Finder to reveal the location of the extension, then delete it.
If you think you have a rogue extension in Safari, go to your menu bar and select Safari > Settings. From there, go to the Extensions section.
Step 1. Open your Safari settings
In the Extensions area of your Safari settings, select an extension you want to remove, and click the uninstall button. This will bring up a pop-up.
Step 2. In Extensions, click the Uninstall button
You'll see a pop-up prompt. Click the 'Show in Finder' button to reveal where the extension is. You can then delete it like any other file to remove it from your Mac.
Step 3. Delete the extension in Finder

To remove browser extensions in Chrome, do as follows:

  1. In the menu bar, select Chrome > Settings.
  2. Select Extensions on the left.
  3. On the extension you want to delete, click Remove.
  4. Click Remove to confirm.
MacOS:BitCoinMiner-AS might also install extensions in Chrome. To start the removal process, select Chrome > Settings from the menu bar.
Step 1. Open your Chrome settings
In your Chrome settings, select 'Extensions' from the sidebar. This will open up another tab in Chrome, where you'll be able to see all installed extensions.
Step 2. Select Extensions
To start the removal process, look through your extensions, and click the 'Remove' button on one that you want to uninstall from your Mac.
Step 3. Click Remove on an extension
You'll be asked to confirm the removal of the Chrome extension. Click the 'Remove' button, and the extension will be uninstalled. Do this with any other extensions you want to delete.
Step 4. Click Remove to confirm removal

If you’re a Firefox user, follow these steps to remove unwanted extensions:

  1. From the menu bar, open Firefox > Settings.
  2. Select Extensions & Themes from the sidebar on the left.
  3. Next to each extension, you’ll see three dots. Click these on the extension you want to erase. Then click Remove.
  4. In the pop-up, click Remove to confirm.
If you have a MacOS:BitCoinMiner-AS extension in Firefox on Mac, you'll want to get rid of it as soon as you possibly can. Go to your Firefox settings first.
Step 1. Head to your Firefox settings
In the Firefox settings, look in the sidebar and select Extensions & Themes. This will open another tab, where you'll be able to see all your currently installed extensions.
Step 2. Select Extensions & Themes in the sidebar
Next to every Firefox extension, you'll see three small dots. Click these dots to bring up a menu. From that menu, select 'Remove'.
Step 3.  Click the three dots, then Remove
Finally, to remove an extension from Firefox on Mac, click the 'Remove' button in the pop-up prompt. Hopefully, that should be the end of it.
Step 4. Click Remove to confirm

Hint from our experts: 

 

For more information on Mac protection, check out our guide on how to remove malware from a browser.

How to protect your Mac from MacOS:BitCoinMiner-AS

Once you’ve removed the MacOS:BitCoinMiner-AS infection from your Mac, you don’t want it to come back. Here are some steps you can take to protect your Mac:

  • Change all your passwords: If the malware was spying on you, it might have stolen all your login details. You should change your Mac password as well as website passwords, making sure each one is unique. To be safe, don’t do this on the Mac that was infected.
  • Turn on 2FA: For any accounts that support two-factor authentication, make sure it’s turned on. With 2FA, you’ll receive unique codes on your phone, which you use to confirm your identity when you log into sites.
  • Change your Wi-Fi password: This could have been stolen too. If the criminals are in your vicinity, they could interfere with your network and steal data.  
  • Use real-time protection: MacKeeper’s real-time Antivirus, for example, will constantly monitor your Mac for potential threats.
  • Be careful with email attachments: If you get an attachment from someone you don’t know, don’t open it. Malware can be hidden in anything from spreadsheets to zip files.
  • Watch what you download: Stick to trusted websites, and never download anything from unknown sources. It should go without saying that you should avoid piracy websites.
  • Use a VPN: Hide your IP address and encrypt your internet connection with a VPN service like MacKeeper’s VPN Private Connect.

Make your security multilayered

You should never be complacent about your cybersecurity. Although Macs are a lot more secure than other types of computers, they aren’t infallible. There are plenty of macOS viruses and other malware. Click the wrong link or download the wrong file, and you could end up with ransomware, worms, or cryptominers on your system.

 

To prevent infection from MacOS:BitCoinMiner-AS and other malware, you need to make sure you practice good security online. But you should also combine this with antivirus, because there’s only so much you can do on your own. MacKeeper’s Antivirus knows what to look for and where to look for it. Combined with other security and privacy tools, you can make sure MacOS:BitCoinMiner-AS is removed and that it stays gone.

Use your Mac to the fullest! Sign up and get:
Effective tips on how to fix Mac issues
Reliable advice on how to stay safe online
Mac-world news and updates

Thank you!

You’ll love exploring your Mac with us.

Oops, something went wrong.

Try again or reload a page.

Written By

Yana Khodun

A content lover who aims at telling MacKeeper’s story to the rest of the IT world. Ready to love Apple apps with me?

A content lover who aims at telling MacKeeper’s story to the rest of the IT world. Ready to love Apple apps with me?

Here’s another sign you need to upgrade your macOS ASAP:

30% off your MacKeeper subscription

Сopy the code now and use it in the MacKeeper checkout after the upgrade.

Copy Code

Please be aware that this code cannot be combined with any other discounts, offers, or promotions.

Contents

Unlocked
PC

MacKeeper - your all-in-one solution for more space and maximum security.

Try Now

Read more

Shlayer Malware
Shlayer Malware
OSX.Bundlore
OSX.Bundlore

Download MacKeeper when you're back at your Mac

or

Please enter your email so we can send you a download link

Check your email on your Mac

Install MacKeeper on your Mac computer to rediscover its true power.

arrow

Run Application

step_1

Click Continue

step_2

Click Install

step_1

Your macOS version is lower than OS 10.11. We’d like to offer you MacKeeper 4 to solve the cleaning, privacy, and security issues of your macOS.