Mac computer users have always touted the computers to be better than Windows-based machines due to a greater degree of security provided to the users. However, a number of instances have been recorded recently that are beginning to show the cracks in their theory. There have been several cases of high-profile malware being discovered on MacOS computers and another has just been found. Thomas Reed, Malwarebytes Director of Mac & Mobile, published a blog post recently talking about the discovery of an issue with cryptocurrency tracking application CoinTicker. His investigation into the issue began after being tipped off by a Mac user, leading Reed to write the blog post and discuss the issue on Twitter. He said, \u201cAn astute contributor to our forums going by the handle 1vladimir noticed that an app named CoinTicker was exhibiting some fishy behavior over the weekend. It seems that the app is covertly installing not just one but two different backdoors.\u201d CoinTicker providers an app that allows users to track a number of cryptocurrencies, including Bitcoin BCH, as well as BTC, ETH and many others. It pools data from a number of exchanges and then displays it in a user-friendly format so users can watch how the markets are moving. What the users didn\u2019t know, however, is that the app also included the malware, which was more than likely added to the application in order to gain access to cryptocurrency wallets. CoinTicker contains Eggshell and EvilOSX, two forms of malware that give remote access to computers to perform any number of functions, depending on how they\u2019re configured. When he first started looking into the issue, Reed believed that CoinTicker could have had its website hacked and the legitimate app replaced with the infected version. However, as he dug deeper, he began to discover clues that led him to believe that the app might not have been legitimate from the start. Reed explained, \u201cFirst, the app is distributed via a domain named coin-sticker.com. This is close to, but not quite the same, as the name of the app. Getting the domain name wrong seems awfully sloppy if this were a legitimate app. Adding further suspicion, it seems that this domain was just registered a few months ago on July 13.\u201d The malware goes to work as soon as a user logs onto the computer. It runs hidden in the background and doesn\u2019t require any special permissions, not even root. Malwarebytes offers a tool that identifies CoinTicker as the OSX.EvilEgg malware. Anyone that has installed the app should scan their computers and remove any instances of CoinTicker. Most importantly, don\u2019t install anything that isn\u2019t from reliable sources.