Daily News Roundup: Malware in Your Pirated Software

Researchers at ESET and Malwarebytes have discovered crypto mining malware hidden in pirated music production software. The pirated software loads the malware in an emulated copy of Linux Preview Changes (opens in a new window)and can infect Windows, Linux, and even MacOS.

Downloading pirated software is generally a bad thing to do. Not only does it deprive developers of earnings for their hard work, but you may also put yourself at risk in the process. Case in point, researchers at ESET and Malwarebytes, recently published findings of malware they’ve dubbed Loud Miner and Bird Miner respectively.

From what we can tell, they’re looking at the same malware, as nearly all details line up. The companies found crypto miners hidden in pirated copies of music production software known as Ableton Live.

Ableton Live is a high-end audio software and is known to be, out of necessity, processor intensive to use. That fact makes it a perfect target for the malware developers, as they can surmise that anyone that wants to the software will have powerful processors (useful for crypto mining), and may write off the heavy processor use from mining as the audio software doing its job.
The developers of the malware took novel steps to both infect as many people as possible and hide their true intentions.

The software creates an emulated copy of Linux, known as TinyCore, to run from, allowing it to work across Windows, Linux, and Mac. And before it begins mining, it checks processor usage. If it detects 85% or more of the CPU in use, it waits to mine until more resources are available. The software also closes if certain tools, like Activity Monitor, are running that may reveal it.

Malwarebytes already updated its software to detect Bird Miner, for anyone worried about infection. [TechRadar]

In Other News:

Apple launches a voluntary recall of some MacBooks: 15-inch MacBook Pros from mid-2015 are overheating. Drastically enough, Apple felt the need to do a recall. You can check Apple’s recall site to see if the recall includes your MacBook; if it does you’ll get a new battery. Now if only Apple would recall its keyboards and replace it with something good. [9to5Mac]
Canada’s largest credit union just revealed a massive breach: Desjardins, Canada’s largest credit union, revealed an employee leaked the personal information of 2.7 million people and over 170,000 businesses. The bank fired the employee and is offering monitoring services to everyone impacted. They say you shouldn’t stash cash in a mattress, but sometimes it sounds tempting. [ZDNet]
Google is exiting the tablet business: The lead engineer for Google’s hardware division has confirmed the company no longer plans to make tablets. The decision included canceling two projects already in the works. If we’re honest, there’s no great Android out there, and the OS is half the problem. So losing Google tablets isn’t a huge loss. Other manufacturers will still fill in the gap anyway. [Ars Technica]
Windows 10 will tell you if the May 2019 Update is blocked: With any significant Windows 10 update, Microsoft likes to scan your PC for potential known problems with the update. If it finds a match, it blocks the update to prevent issues. That’s good, but until now you were told “no update available” which is slightly misleading. You may have thought the May 2019 Update wasn’t released. Now Windows will tell you that it’s blocked and give you a link to why. Good stuff. [TechRadar]
Esports comes back to the X Games: The X games stopped hosting esports about three years ago. Now they’re returning and the first game to be featured is rising battle royale star Apex Legends. The prize pot is over $150,000, and qualifiers are on June 29th so get your team together quickly. My first pick is Wraith, but I’ll settle for Bangalore. [Engadget]
Google Maps is filled with fake businesses: Google Maps is an easy place to check for a local plumber, electrician, or car repair shop. Unfortunately, many of these businesses are fake and lead to competitors, or are people posing as other businesses. It’s always a good idea to check more than one source when you need to find a repair service, especially one you invite into your home. And if you find a fake business, you should report it to Google. [The Verge]
A survey indicates the Tesla Autopilot name may lead to overconfidence in the tech: The Insurance Institute for Highway Safety (IIHS) did a survey asking people how safe they felt using self-driving features like taking hands off the wheel, talking on the phone or sleeping. The study gave participants the names of several competing technologies (Autopilot, Supercruise, etc.) but no manufacturer names or explanations of capabilities. Autopilot scored much higher in trust even in actions it’s clearly not designed for, like napping, which is disconcerting. What’s in a name exactly? [IIHS]

You may have seen the news that smartphone users are growing a skull horn in the back of their head. The research comes from a chiropractor and associate professor of biomechanics who have the studied abnormally large bony structures in the base of some people’s skulls.

While the study hypothesized that the cause was bad posture from staring at smartphones and tablets, it failed to do several things to establish that theory.