Mac Malware Mshelper Got You Down? Here’s the Solution.

Eric C.
BY: Eric C.
Posted: January 20, 2019

You wouldn’t want a stranger stealing your computing power, would you? That’s exactly what’s happening on Macs right now with the Mshelper virus. Gone are the days where MacOS was considered virus resistant. New threats are always being developed, and Apple users are not immune to them. You need to learn more about this virus and how it may be affecting your computer, especially if you’re into cryptocurrencies.

What is Mshelper?

Mshelper malware mines cryptocurrency on your computer without your permission. This virus forces your Mac’s CPU to crunch numbers and to generate digital currency for its maker. It’s already been linked to Bitcoin, Monero, and Litecoin.

Even though crypto prices are dropping, hackers can still make a lot of money by hijacking the CPU power of your computer. A single BTC is currently worth $3,500, LTC is $24.77, and Monero is $44.24. The Mshelper virus can mine these tokens for other people for free using your computer.

But there’s good news. Mshelper is rather poorly designed malware. Because cryptocurrency mining is incredibly CPU-intensive, the virus is easy to detect. Plus, it runs at full power all the time instead of waiting for whenever the machine is idle like other malware threats in its class.

One theory suggests the virus comes from a hijacked Adobe Flash Player installer, but that’s currently unconfirmed. Just because we don’t know where Mshelper comes from doesn’t mean we can’t deal with it effectively.

If you notice your CPU is working harder than it should be, you’ll want to run a virus scan to look for viruses. We recommend you try Norton, Avast, or Bitdefender.

How Is Mshelper Harmful?

The virus is mostly harmless compared to other viruses. It doesn’t steal personal information or intercept logins. Instead, it:

  • Hogs your Mac’s system resources
  • Reduces the battery life of your device
  • Raises operating noise and temperatures
  • Greatly cripples performance
  • Degrades your device’s lifespan

Apple will more than likely patch this virus in a future update, but it’s worth checking for it now.

How Can I Check Whether Mshelper is on my Machine?

To verify whether your system’s sluggishness can be attributed to Mshelper, check for its process in your Activity Monitor.

  1. Open MacOS’s Activity Monitor.
  2. Click on the CPU tab.
  3. Organize the list by CPU usage; Mshelper should be near the top.
  4. Alternatively, organize the list in alphabetical order and search for the name that way.

How Do I Remove Mshelper?

There are many ways you can remove Mshelper from your machine. We’ve provided details for both the simple and advanced approaches.

Simplified

The easiest way to get rid of Mshelper is to scan for it using your antivirus. Most reputable antivirus programs on Mac will detect it because the virus makes no effort to hide.

If you are looking for an easy way to detect the virus, try out our top 10 list of best Mac antivirus programs.

Advanced

For more technically advanced users, you can also remove Mshelper on your own.

Here’s what you need to do:

  1. Open Macintosh HD in Finder.
  2. Go to Library > LaunchDaemons and remove the file named pplauncher.plist.
  3. Go to Library > Application Support and remove the file named pplauncher.
  4. Select the “Go to Folder” tool in Finder and type “/tmp/” to reach your private temporary directory. Remove the mshelper directory from there.
  5. Finally, empty the trash bin and restart your machine.

Congratulations! Your machine’s CPU is free from cryptocurrency mining threats. While removing it isn’t very hard, we recommend running a virus scan to ensure it’s been removed.

How Can I Protect Myself from Similar Malware?

New threats are always on the horizon but there are several things you can do to protect yourself. Here are a few ways to avoid malware like Mshelper:

  • Always keep an updated antivirus on your Mac. Your antivirus program is your first line of defense against these kinds of attacks.
  • Use a firewall. A firewall will analyze both incoming and outgoing traffic and help you spot malicious activity on your computer.
  • Practice smart browsing habits. Don’t open random emails or files, and only download files from trusted websites.
  • Avoid Adobe Flash Player whenever possible. While the claims haven’t been proven, Adobe Flash Player has been linked to malware attacks in the past.

Awareness is key when it comes to detecting malware like Mshelper. While this malware won’t steal your personal information, it does infringe on your ability to use your computer. You can avoid malware like this by installing a reliable antivirus on your computer.

About the Author

Eric C.
Eric C.

Eric is a professional copywriter with over 7 years of experience writing on marketing and tech topics. In recent years, he has focused heavily on the rapidly developing security, fintech, and cryptocurrency industries.