We know that for BT seed files, as long as they are published on the Internet, they will become more active with an increase in user participation. For popular resources, the seed file may never die because there will always be users searching, downloading, and uploading, and it will continue like this.
So hackers also think that BT is a good thing. Some hackers have released pirated Final Cut Pro software, which carries XMRig mining programs and is specially designed to use Mac computers to mine Monero.
This seed file has been active since its release in 2019 and there are still many users who download the infected Final Cut Pro through the seed file, and it is difficult to detect if their Mac has been infected.
After analysis, researchers found that the hackers have made some cunning settings. For example, when the user opens the Activity Monitor, they will not notice any abnormal activity. The reason is that the mining program attached to the malware has a script that checks the Activity Monitor every 3 seconds. If it is opened, it will immediately terminate all malicious programs and restart after the next 3 seconds without detecting the Activity Monitor.
This makes it difficult for users to detect anomalies, even if they hear the fan of their Mac spinning at high speeds, they cannot see any abnormal processes in the Activity Monitor.
Regarding mining, hackers use the I2P garlic network to establish a connection. In fact, hackers can still control this malware that was released in 2019, because the malware will connect to the server controlled by the hacker through I2P when it starts up, and the XMRig mining program also connects through I2P.
I2P is a more private network based on the Tor onion network, and XMR is completely anonymous, so hackers cannot be traced.
Researchers have noticed that some hackers use cracked versions of Adobe Photoshop CC 2019 to hide mining malware, but it is unclear if they are the same group of hackers.
Therefore, sometimes developers warn that using pirated software is dangerous, and users should consider carefully when downloading pirated software.