Bitcoin miner virus : How to detect and remove it on a Mac?

Cryptojacking is becoming one of the most common types of maker usage on all personal computers. This technique uses crypto miners to employ your computer’s resources to mine cryptocurrency — most commonly, Bitcoin. Bitcoin miner virus is one example of a crypto miner that does exactly this. 

What you need to know about Bitcoin miner Mac virus

This malware isn’t a virus, but it still causes problems for anyone whose Mac is infected by it. It’s actually a browser hijacker downloaded, like other browser hijackers, by concealing itself in a bundle with another piece of software. That could be either a fake update to something like Flash or an app that’s outdated and has been hijacked. Some malware also comes bundled in download managers used by popular download sites. However, it gets onto your Mac; once it’s there, Bitcoin miner redirects your browser’s homepage and displays intrusive adverts. Those adverts contain code that uses your Mac’s CPU cycles and RAM to mine for cryptocurrency. 

How to remove Bitcoin miner Mac virus

There are several steps to removing Bitcoin miner from your Mac. You need to quit the running process, remove login items, and then remove the extension from every web browser you use.

Step 1: Quit the process

1. Launch Activity Monitor from Applications > Utilities.

2. Look for any processes that look like they may be connected to bitcoin or a cryptocurrency.

3. If you find a process, select and then press the Stop button in the toolbar (it’s an ‘x’).

4. Repeat for any other processes that look like they’re connected to cryptocurrency.

5. Quit Activity Monitor.

If you find a process that you think might be suspicious, but you’re unsure, google its name. Chances are that someone else will have found it on their Mac, and there will be information about it. 

Step 2: Check your Login Items

  1. Some malware installs login items, so it launches whenever you boot your Mac. 
  2. Launch System Preferences from the Apple menu.
  3. Choose Users & Groups.
  4. Click on your user name. 
  5. Select Login Items. 
  6. Review the login items. If any look suspicious, select them and press the ‘-’ button to remove them.

Step 3: Remove the extension from Safari

  1. Launch Safari and choose Preferences from the Safari menu.
  2. Click on Extensions.
  3. Look for an extension that you haven’t deliberately installed and which looks suspicious.
  4. If you find one, click Uninstall on it.
  5. Now choose the General tab.
  6. Check the URL of your homepage; if it has been altered, change it back to your preferred homepage.

Remove the extension from Chrome. 

  1. Launch Chrome and click on the three dots on the right-hand side.
  2. When the menu drops down, click on More Tools and then Extensions, or you can type ‘chrome://extensions’ into the address bar.
  3. Check the installed extensions. If there are any you haven’t chosen to install or that look suspicious, press Remove.
  4. Type ‘chrome://settings’ in the address bar.
  5. Scroll down to “On start-up.” 
  6. If the setting has been altered, change it back to your preference.

Remove the extension from Firefox. 

  1. Launch Firefox.
  2. Click on three horizontal lines on the right of the toolbar and choose Add-ons.
  3. Select Extensions.
  4. Look for an extension likely to be related to Bitcoin miners.
  5. If you find one, click Remove.
  6. Click on the three horizontal lines again and choose Preferences. 
  7. Select Home.
  8. Set “Homepage and new windows” to your preferred homepage. 

You have now removed Bitcoin miner from your Mac, and it should not trouble you anymore.

How to protect your Mac from malware

To avoid downloading Bitcoin miner Mac virus or any other malware, be vigilant about the websites you visit and the files you download. If your web browser warns you that a site is not secure or macOS warns you that an app you have downloaded needs manual intervention to permit its installation, don’t ignore the warnings. Think very carefully about whether you want to visit the website or install the app.

If you’re worried that you may have downloaded malware, consider scanning your Mac using an antivirus tool. Alternatively, CleanMyMac X has a Malware Removal tool that can scan your Mac and alert you to any malware it finds, then remove it with a click.

Smart scan

Here’s how it works:

  1. Download CleanMyMac X and install it.
  2. Launch CleanMyMac X and choose the Malware Removal in the sidebar.
  3. Press Scan.
  4. When it’s finished scanning, press Remove.

Bitcoin miner Mac virus isn’t a virus, but it can cause trouble for your Mac because it may steal CPU cycles and RAM to use them to mine cryptocurrency. It may also steal personal data and display intrusive adverts in your web browser. Getting rid of it is straightforward, though, by following the steps above. If you’re worried about other malware you may have downloaded, you can scan your Mac using an antivirus tool or CleanMyMac X’s Malware Removal tool.

Laptop with CleanMyMac
CleanMyMac X

Your Mac. As good as new.