Crypto Miner infected MacOS boot sector

I have the Crypto Miner virus and it has infected my MacOS boot sector. My iMac has been slow and keeps rebooting. Finally yesterday, it would not boot completely and just cycles through the boot process. Hit Ctrl -S to enable the single user mode and noticed a couple of strange lines:

handle_crypto_mount :815: handling crypto mount (volume /dev/disk1s1)

handle_crypto_mount :997: crypto mount finished w/apfs

Is there a bootable option with Bitdefender? Is my only option to re-partition my harddrive and reinstall the OS from a USB.


  • FlexxFlexx ✭✭✭✭

    Hi Member,

    Sorry for the issue you are facing. Boot sector malwares are really hard to treat and they might require reinstallation of OS.

    If you are able to open your desktop, kindly download Malwarebytes for mac ( and run a scan. If anything found kindly quarantine and delete it. If nothing found and issue is still persisting kindly raise a ticket with Bitdefender support at

    If this resolves your query, kindly select agree.



  • FlexxFlexx ✭✭✭✭
    edited May 8

    Kindly let us know if If this issue is resolved.

    If yes, then kindly select agree.



Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.