Mac OS X Trojan steals data, uses your GPU to mine Bitcoins

Jos

Staff

A newly discovered malware threat that targets Mac OS X systems has been found embedded in pirated copies of image editing software Graphic Converter. Known as DevilRobber or Miner-D, this latest piece of malware attempts to steal personal information and uses your machine's GPU to generate Bitcoins, a decentralized digital currency that can be exchanged online by users without the need for an intermediary bank or payment service.

Security vendor Intego says the malware was a combination of a Trojan horse, since it is hidden inside other applications; a backdoor, as it opens ports and can accept commands from command and control servers; a stealer, as it steals data and Bitcoin virtual money; and spyware, as it sends personal data to remote servers.

DevilRobber uses a legitimate mining program to generate Bitcoins, called DiabloMiner, but then sucks them out of the virtual wallet on the user's machine to send elsewhere. There have been other cases of malware designed to steal Bitcoin currency, but this is the first trojan that generates them first. One Bitcoin is currently valued at around US$3.20, and it is a good source of profit for both Bitcoin miners and cybercriminals who steal them.

The process of mining Bitcoins uses significant amounts of processing power, thus it will also reduce a machine's performance while operating. In addition, DevilRobber spies on users by taking screen captures and sending them to remote servers. It also attempts to steal usernames and passwords, runs scripts that can copy information from your browsing history and unlocked TrueCrypt data to a dump.txt file, and searches for child pornography cues.

So far, the Trojan has been detected in a torrent download for GraphicConverter version 7.4. It is not known at this time whether other Mac applications available on torrent sites are being bundled with the new malware.

Users are advised to refrain from downloading software via untrusted sources, and use a malware scanner to check their systems. Some recommended malware scanners for the Mac include ClamXav, Sophos, and VirusBarrier.


 
Sounds rather bad, sadly as Mac gains more ground in the PC world this will become more and more of a threat. Most people I talk to about Apple OS claim it to be the most secure OS, which for the most part is true, but that's only because it's not a viable source of revenue for Trojans and other Malware. Now for the worse part of all, the majority of people who have this on their system probably won't be aware of it or be able to get rid of it.
 
Macs are becoming less and less secure as time goes on. Remember the battery virus that was apparently going around? This is just insane; however, this virus was obtained from pirated software. Whoever gets this is already stealing, and some might agree it's simply karma.

I can't wait to stick it in some Mac user's craw when they use the "omg i never get virus's" deal, which honestly I don't get how that's a defense of an OS; I've used Windows for 20+ years and have never got a virus.
 
Adhmuz said:
Sounds rather bad, sadly as Mac gains more ground in the PC world this will become more and more of a threat. Most people I talk to about Apple OS claim it to be the most secure OS, which for the most part is true, but that's only because it's not a viable source of revenue for Trojans and other Malware. Now for the worse part of all, the majority of people who have this on their system probably won't be aware of it or be able to get rid of it.

I concur...
 
And so begins the harrowing journey for the unfortunate IT personnel who have to explain security software over and over and over again, to Apple users who adamantly refuse to accept that their Precious could possibly be vulnerable.
 
Vrmithrax said:
And so begins the harrowing journey for the unfortunate IT personnel who have to explain security software over and over and over again, to Apple users who adamantly refuse to accept that their Precious could possibly be vulnerable.

Yeah, karma is a *****.
 
The official line from Apple will be that users should not download torrents, but buy all the applications from Apple, that way they'll avoid viruses.

If there is an official line from Apple. They prefer the ostrich approach when it comes to viruses and malware.

Perception uber alles.
 
Since Macs have PCI-e based GPUs it was easy to set up the Bitcoin miner virus, this time their massive clone bases PC's was their weakness (also the pride xP)
 
lol these computers are going to be mining bitcoins while the person is trying to work. Then they'll say to their supposed tech savvy friend "my computer's been really slow lately" and the advice from the friend will be that "it's gotten old" and "time for a new computer". Apple will win in the end.
 
Wouldn't a "tech-savvy" friend tell the person to re-install the OS?
 
Wouldn't a "tech-savvy" friend tell the person to re-install the OS?

I suppose it's possible.
I should've put quotes around "tech savvy"

I'm really alluding to these characters who support Apple wholeheartedly, represent that they're very filled in on all tech matters and couldn't in fact diagnose a Trojan on the basis that "Apple computers don't get viruses"
 
Other than Macs' supposed superior video/photo editing capabilities, being virus free is Apple's big selling point for most people, which people keep telling me ad nauseam, so this story makes me smile :)
 
Although I'm a Mac and PC user I would like to point out I'm a bit of a hybrid when it comes to computing. I have to install antivirus on most if not all OSes I use and that includes my Mac. The only thing I can see in my favour is I don't download any torrents on my MacBook Pro, but we all know that there is more than one way to get it. The problem is going to be that the antivirus companies are not going to be able to send out a definition update in time to combat the issue and stop the virus in its tracks before it infects your system.

I also agree that many Mac users are plain ignorant when it comes to installing antivirus. I called this about 8 years ago when I met a Mac server installer bloke. I said to him "do you not feel the more popular OS will not be the target for the most viruses and attacks?" to which he replied by saying the following: "Mac's getting viruses is a myth and will always be the windows users who make it up". At this point I refused to ever talk to him again. I hope he's eating his hat now!
 
This only happened because Steve Jobs was not at the end of the Apple gateway with his staff of power shouting "YOU SHALL NOT PASS!" :p
 
If someone downloads pirated software via torrents and then installs that software with administrator/root privileges, they're clearly asking for it - and in fact deserve everything they get. Consider it "Darwinism in action", in fact.

The funny thing is that many windows users, those who when posting on forums, supposedly pay for all of their software, do that all the time, but rely on an anti-virus program to protect them from their own idiocy.
 
caravel said:
If someone downloads pirated software via torrents and then installs that software with administrator/root privileges, they're clearly asking for it - and in fact deserve everything they get. Consider it "Darwinism in action", in fact.

The funny thing is that many windows users, those who when posting on forums, supposedly pay for all of their software, do that all the time, but rely on an anti-virus program to protect them from their own idiocy.

You did notice that this was a story about a Mac virus, and that the pirate in question was a Mac user, right?

I'd rather be evolved by natural selection than marketing.
 
SNGX1275 said:
This just illustrates the biggest security vulnerability in macs: the users.

That's true of any OS.

Very astute of you to notice. This is the second trojan horse to make the news. Both have required administrator permission to install legitimately (because macs have prompted administrator password before installing programs for years before Windows came out with UAC). It's all well and good to have fun at Apple's expense, but they can't be realistically expected to protect people from themselves. We still get trojan horse virii in my office from people who click on something that looks legitimate, and I've lost quite a few afternoons to fake Windows Security notices.
 