Mac OS X Trojan steals data, uses your GPU to mine Bitcoins

On November 1, 2011, 12:30 PM

A newly discovered malware threat that targets Mac OS X systems has been found embedded in pirated copies of the image editing software GraphicConverter. Known as DevilRobber or Miner-D, this latest piece of malware attempts to steal personal information and uses your machine's GPU to generate Bitcoins, a decentralized digital currency that can be exchanged online by users without the need for an intermediary bank or payment service.

Security vendor Intego says the malware was a combination of a Trojan horse, since it is hidden inside other applications; a backdoor, as it opens ports and can accept commands from command and control servers; a stealer, as it steals data and Bitcoin virtual money; and spyware, as it sends personal data to remote servers.

DevilRobber uses a legitimate mining program to generate Bitcoins, called DiabloMiner, but then sucks them out of the virtual wallet on the user's machine to send elsewhere. There have been other cases of malware designed to steal Bitcoin currency, but this is the first trojan that generates them first. One Bitcoin is currently valued at around US$3.20, and it is a good source of profit for both Bitcoin miners and cybercriminals who steal them.

The process of mining Bitcoins uses significant amounts of processing power, thus it will also reduce a machine's performance while operating. In addition, DevilRobber spies on users by taking screen captures and sending them to remote servers. It also attempts to steal usernames and passwords, runs scripts that can copy information from your browsing history and unlocked TrueCrypt data to a dump.txt file, and searches for child pornography cues.

So far, the Trojan has been detected in a torrent download for GraphicConverter version 7.4. It is not known at this time whether other Mac applications available on torrent sites are being bundled with the new malware.

Users are advised to refrain from downloading software via untrusted sources, and use a malware scanner to check their systems. Some recommended malware scanners for the Mac include ClamXav, Sophos, and VirusBarrier.

User Comments: 29

  1. I remember reading another article about people doing that. I think India was mentioned but I'm not sure.

  2. but they can't be realistically expected to protect people from themselves

    True in the ideal world and certainly true from my perspective anyway... but in fact as producers of software which holds the users' hand and wipes their **** for them, that's quite arguably what Apple are all about.

    Never trust anyone over the phone.

    I say if they are legit, let them walk in the front door. Yeah I know, that's a bit extreme but you get the picture. It's way too easy for anyone to contact you using a phone.

    +1

    You cannot even trust supposedly legit companies. Call Centres, especially those located out in the east, are often infiltrated by crooks.

  3. HELP!!! I think I may have been a victim of the same thing. I was surfing the net on my MacBook Air and received a random message from a stranger on Skype. So I replied, trying to figure out who it was. 20 mins later, I realized this person was only speaking to me to stall for time. But for what? I did some research on it and came to the conclusion that the stranger was stealing my personal information! So I turned my wifi off as soon as I realized. What kinds of things can they steal from my MacBook Air? What can I do? Please help!

  4. This is not even a blip on the Apple Fan Club's radar.

    It should be self evident that this is the fault of Nvidia and Radeon. Apple doesn't make mistakes, and Apple's OS doesn't get infections, period...

    We've been getting fake phone calls from people claiming they are from Windows security

    I remember reading another article about people doing that. I think India was mentioned but I'm not sure.

    That's really India's chief export isn't it, telemarketing phone calls using fake English names? Who knew that an answering machine set to "announce only" could prevent computer malware infections.
