DevilRobber Mac OS X Trojan pony spies on you, uses GPU for Bitcoin mining – Naked Security

| 0

DevilRobber Mac OS X Trojan horse spies on you, uses GPU for Bitcoin mining - Naked Security

Postbode navigation

Yesterday, users of Sophos’s security products (including our free anti-virus for Mac huis users) had their protection automatically updated to protect against a fresh Mac OS X Trojan pony that has bot distributed via torrent sites such spil PirateBay.

Copies of the legitimate Mac OS X photo editing app GraphicConverter version 7.Four were uploaded to file-sharing networks. However, they came with an unexpected addition.

Hidden inwards the download wasgoed a copy of the OSX/Miner-D (also known spil ‘DevilRobber’) Trojan pony.

If your Mac rekentuig wasgoed infected by the malware, the very first thing you might notice is spectacle becoming sluggish.

That’s because OSX/Miner-D attempts to generate Bitcoins, the currency of the anonymous digital metselspecie system, by stealing lots of GPU (Graphics Processing Unit) time. GPUs are much better than regular CPUs at performing the mathematical calculations required for Bitcoin mining.

Yes, this Mac malware is stealing computing time spil well spil gegevens.

Te addition to Bitcoin mining, OSX/Miner-D also spies on you by taking screen captures and stealing your usernames and passwords. Te addition, it runs a script that copies information to a opstopping called dump.txt regarding truecrypt gegevens, Vidalia (TOR plugin for Firefox), your Safari browsing history, and .bash_history.

Curiously, the Trojan also hunts for any files that match “pthc”. It’s unclear whether this is intended to uncover child manhandle material or not (the phrase “pthc” is sometimes used on the internet to refer to pre-teen xxx pornography).

To accomplish the onslaught – if the malware finds the user’s Bitcoin wallet it will also steal that.

Of course, the producers of GraphicConverter have done nothing wrong themselves – they are victims of the criminals who are using their popular software spil a trapje to infect Mac users who download software from unofficial sources.

It’s possible that other apps have also bot distributed via torrent sites infected by the malware, or that the cybercriminals will use other methods to distribute their Trojan pony.

Clearly, Mac users – like their Windows cousins – should practice safe computing and only download software from official websites and legitimate download services. But, ter addition to that, it’s becoming clearer every week that Mac users need to take malware protection more earnestly by running anti-virus software.

There may be a loterijlot less malware for Mac OS X than there is for Windows, but many Mac users are making themselves an unnecessarily soft target by imagining that they are somehow magically protected from threats.

There are a number of anti-virus products available for Mac, including Sophos’s free version for huis users, so there’s truly no excuse.


Leave a Reply