If there’s anything constant in the ever-evolving technology and threat landscapes, it’s that no platform will be truly immune. Cryptocurrency-mining malware, for instance, first gained ground on Windows systems, then went on to affect Android-run mobile devices. It entered the macOS scene in 2011 as a bitcoin-mining backdoor embedded in applications distributed via torrents. It’s no surprise, then, that security researcher Arnaud Abbati uncovered a new Monero-mining malware, OSX.CreativeUpdate (detected by Trend Micro as OSX_COINMINE.B), packaged with decoy copies of Firefox as well as the OnyX and Deeper system maintenance and optimization tools. OSX.CreativeUpdate, so named because it was retrieved from abused Adobe Creative Cloud servers, was made with Platypus, an open-source tool for creating macOS applications.