Recently a new cryptominer malware dubbed ‘mshelper’ was discovered by some Mac users, whose devices were exploited by this software to mine Monero cryptocurrency.
Cryptominer is a kind of malware that typically sneaks into users’ devices and consumes system resources to mine cryptocurrency without users’ knowledge. Once it get into your device, it monopolizes the CPU and other system resources to the full, which will make your device run slowly, become unresponsive or overloaded. The continually high processor usage could also prevent other apps from working normally, make your Mac’s fans run faster, and drain the battery more rapidly.
If your Mac is running hot and consuming its battery at a higher rate that ever before, you can go to check whether your Mac has been infected by the ‘mshelper’ malware.
Here’s how to detect and remove this malware from your compromised Mac:
If a process labeled ‘mshelper’ appears in the list, that means your Mac has been infected, and the next step is to eliminate this malware from macOS. Note that simply quitting it in Activity Monitor cannot stop it from automatically launching again.
The full path of involved files:
You can restart your Mac after deleting them, and then launch Activity Monitor to see if the ‘mshelper’ process still exists. You should have got rid of this malware now.
It is not clear how ‘mshelper’ gets into affected users’ Macs, but the most possible reason could be the suspicious downloads and accidental clicking. To prevent your Mac from being compromised, you are strongly supposed to install software via Mac App Store or download apps from official website and trusted developers.