Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Feb 27, 2014, 11:02 AM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Bitcoin-Stealing OS X Trojan Now Masquerading as 'Angry Birds' and Other Popular Mac Apps




A Bitcoin-stealing trojan has been detected in downloads claiming to be cracked versions of popular Mac applications, reports security firm ESET through its We Live Security blog. The OSX/CoinThief.A malware was discovered in popular Bitcoin software earlier this month by SecureMac, but is now being used to target users of more mainstream apps.

The trojan initially surfaced on open source software hosting site GitHub, and it was quickly bundled into several Bitcoin apps available through multiple download sites. Further investigation by ESET has now uncovered the trojan masquerading as cracked versions of popular Mac apps such as BBEdit, Pixelmator, Angry Birds, and Delicious Library.

OSX/CoinThief.A involves a malicious browser add-on used to intercept logins for Bitcoin wallet sites and related exchanges such as MtGox, BTC-e, and blockchain.info. Stolen login credentials are then forwarded to the malware's developer.
Quote:
There is clearly strong evidence that the trojan was specifically designed to profit from the current Bitcoin craze and fluctuating exchange rates.

According to detection statistics gathered by the ESET LiveGrid, the threat is mostly active amongst Mac users based in the United States.
The websites where these files are being distributed from have not been revealed, but Mac owners can prevent infection by avoiding pirated software and downloading titles directly from the developer's website or the Mac App Store. Users can find instructions on how to check for and remove the malware on SecureMac's blog post.

Article Link: Bitcoin-Stealing OS X Trojan Now Masquerading as 'Angry Birds' and Other Popular Mac Apps
MacRumors is offline   0 Reply With Quote
Old Feb 27, 2014, 11:04 AM   #2
Plutonius
macrumors 601
 
Plutonius's Avatar
 
Join Date: Feb 2003
Location: New Hampshire
Only in cracked versions = no problem.
Plutonius is offline   18 Reply With Quote
Old Feb 27, 2014, 11:06 AM   #3
tuartboy
macrumors 6502a
 
tuartboy's Avatar
 
Join Date: May 2005
This is why code signing and Gatekeeper exist.
tuartboy is offline   21 Reply With Quote
Old Feb 27, 2014, 11:07 AM   #4
Parasprite
macrumors 65816
 
Parasprite's Avatar
 
Join Date: Mar 2013
See, this is why I prefer dogecoin.

Security through obscurity!
__________________
Has anyone, anywhere, ever actually used ~/Pictures/iPod Photo Cache/ for anything besides deleting or hiding it?
Parasprite is offline   7 Reply With Quote
Old Feb 27, 2014, 11:09 AM   #5
Illusion986
macrumors 6502
 
Join Date: Mar 2009
Karma
Illusion986 is offline   9 Reply With Quote
Old Feb 27, 2014, 11:13 AM   #6
satcomer
macrumors 68040
 
satcomer's Avatar
 
Join Date: Feb 2008
Location: Upstate NYS
Pirated software users are surprised that some of these cracked software might be Trojan carriers?
__________________
Mac Pro Dual 2.8 Quad(Rev B.), 16 G RAM, OS X 10.9, 23'' LCD
Mac Book Pro Core 2 Duo 2.16Ghz, SuperDrive, 2G RAM, OS X 10.7.5
iPad 3, 32 black
satcomer is offline   28 Reply With Quote
Old Feb 27, 2014, 11:13 AM   #7
Phil A.
macrumors 68040
 
Phil A.'s Avatar
 
Join Date: Apr 2006
Location: Telford, UK
I have very little sympathy for people who install cracked apps
__________________
Tell a man there are 300 billion stars in the universe and he'll believe you. Tell him a bench has wet paint on it and he'll have to touch it to be sure. ~Murphy's Law
Phil A. is offline   15 Reply With Quote
Old Feb 27, 2014, 11:13 AM   #8
ddelapp
macrumors newbie
 
Join Date: Nov 2011
Good thing the MtGox took their site down then. *ahem*
ddelapp is offline   1 Reply With Quote
Old Feb 27, 2014, 11:14 AM   #9
El Hikaru
macrumors regular
 
Join Date: Dec 2013
Every news paper talks about bitcoin nowadays. I am more impressed by bitcoin concept than its potential harm.
El Hikaru is offline   2 Reply With Quote
Old Feb 27, 2014, 11:15 AM   #10
dustinsc
macrumors regular
 
Join Date: Nov 2009
Downloading cracked apps is like eating out of a garbage bin. Sure, you might find something that looks tasty in there, but even if it looks good it will still probably get you sick.
dustinsc is offline   22 Reply With Quote
Old Feb 27, 2014, 11:16 AM   #11
Gabichon
macrumors member
 
Join Date: Aug 2011
Location: Canada
Quote:
Originally Posted by parasprite View Post
see, this is why i prefer dogecoin.

Security through obscurity! :d
<3
Attached Thumbnails
Click image for larger version

Name:	Screen Shot 2014-02-27 at 12.15.14 PM.png
Views:	60
Size:	261.6 KB
ID:	462789  
Gabichon is offline   11 Reply With Quote
Old Feb 27, 2014, 11:17 AM   #12
satcomer
macrumors 68040
 
satcomer's Avatar
 
Join Date: Feb 2008
Location: Upstate NYS
Quote:
Originally Posted by dustinsc View Post
Downloading cracked apps is like eating out of a garbage bin. Sure, you might find something that looks tasty in there, but even if it looks good it will still probably get you sick.
That is good saying.
__________________
Mac Pro Dual 2.8 Quad(Rev B.), 16 G RAM, OS X 10.9, 23'' LCD
Mac Book Pro Core 2 Duo 2.16Ghz, SuperDrive, 2G RAM, OS X 10.7.5
iPad 3, 32 black
satcomer is offline   0 Reply With Quote
Old Feb 27, 2014, 11:18 AM   #13
FirstNTenderbit
macrumors 6502
 
Join Date: Jan 2013
Location: Atlanta
Seems to be a catch22 for Apple. The more successful and ubiquitous it becomes, the more it will be targeted by the nefarious. All the more so because of the statistical affluence of the user base. That's a shame.
__________________
I'm a big fan of good tech. I don't really care who makes it.
FirstNTenderbit is offline   2 Reply With Quote
Old Feb 27, 2014, 11:18 AM   #14
JetBlack7
macrumors 68000
 
JetBlack7's Avatar
 
Join Date: May 2011
Location: Portugal
Joke's on them, I own 0 bitcoins.
__________________
iPhone 5S Space Gray 32GB Game Center ID: JetBlack7
JetBlack7 is offline   23 Reply With Quote
Old Feb 27, 2014, 11:21 AM   #15
Jessica Lares
macrumors 603
 
Jessica Lares's Avatar
 
Join Date: Oct 2009
Location: Near Dallas, Texas, USA
I have to wonder why you can buy a $1,000 Apple computer, but you can't buy a $5 game.

Those people deserve it. Mining your own money, but taking someone else's? No excuse.
__________________
Have You Hugged Your Mac Today?
Daily Expressions | iMac G4 | Late 2011 13" MacBook Pro | iPod Nano (7G) | iPad Mini | iPod Touch (5G) | iPhone 5S
Jessica Lares is offline   12 Reply With Quote
Old Feb 27, 2014, 11:25 AM   #16
WardC
macrumors 68020
 
WardC's Avatar
 
Join Date: Oct 2007
Location: Fort Worth, TX
Send a message via AIM to WardC
Tim Cook, masquerading as CEO, and other popular Mac tricks....

----------

Only trust this coin:

__________________
iMac 27" 3.4GHz i7 SSD 16GB RAM
MacBook Pro 15-inch 2.6GHz i7 256GB SSD/ 16GB RAM

Thinking about Apple...
WardC is offline   4 Reply With Quote
Old Feb 27, 2014, 11:29 AM   #17
WallToWallMacs
macrumors regular
 
Join Date: Jan 2014
Quote:
Originally Posted by FirstNTenderbit View Post
Seems to be a catch22 for Apple. The more successful and ubiquitous it becomes, the more it will be targeted by the nefarious. All the more so because of the statistical affluence of the user base. That's a shame.
How is it a catch 22 for Apple when there are idiots going out to download pirated software because they're too bloody cheap to purchase a legitimate copy via the AppStore? That's like blaming Microsoft for some person downloading Creative Suite off a bittorrenting website then complaining that all their credit card information has been stolen and its apparently all Microsoft's fault.
WallToWallMacs is offline   16 Reply With Quote
Old Feb 27, 2014, 11:31 AM   #18
needfx
macrumors 68020
 
needfx's Avatar
 
Join Date: Aug 2010
Location: macrumors apparently
...which resulted to angry users
needfx is offline   0 Reply With Quote
Old Feb 27, 2014, 11:32 AM   #19
Parasprite
macrumors 65816
 
Parasprite's Avatar
 
Join Date: Mar 2013
Quote:
Originally Posted by WardC View Post
Only trust this coin:

Image
I have trouble finding those these days...
__________________
Has anyone, anywhere, ever actually used ~/Pictures/iPod Photo Cache/ for anything besides deleting or hiding it?
Parasprite is offline   1 Reply With Quote
Old Feb 27, 2014, 11:32 AM   #20
bflowers
macrumors 6502
 
Join Date: Jul 2006
Shady activity resulting in the theft of a shady currency.

Hmm. So in order to expose yourself to a criminal, you have to do something criminal yourself. Not that Bitcoin is safe anyway.
bflowers is offline   0 Reply With Quote
Old Feb 27, 2014, 11:32 AM   #21
dlowings
macrumors member
 
Join Date: Jan 2011
Osx

The scary part is this talks about OSX not iOS... This really sucks .. People rag on jailbrake, but this goes deeper than jail broken phones..
dlowings is offline   1 Reply With Quote
Old Feb 27, 2014, 11:32 AM   #22
LordVic
macrumors 65816
 
Join Date: Sep 2011
Location: Ontario
Quote:
Originally Posted by WallToWallMacs View Post
How is it a catch 22 for Apple when there are idiots going out to download pirated software because they're too bloody cheap to purchase a legitimate copy via the AppStore? That's like blaming Microsoft for some person downloading Creative Suite off a bittorrenting website then complaining that all their credit card information has been stolen and its apparently all Microsoft's fault.
I think the point he's making is that even 10 years ago, hen Apple was < 5% share of all computers out there, selling a few thousand a year, Nobody cared to write anything that affected Apple computers and OSx.

Now that Apple computers are a household name, with a lot more sales and actually starting to penetrate the PC market in a measurable way, Their claim that Apple computers are infinitely more secure than Windows based PC's because of obscurity is starting to diminish.

We are seeing more and more OSx based attacks over the last year.
__________________
“We can't win against obsession. They care, we don't. They win.”
― Douglas Adams, Life, the Universe and Everything
LordVic is offline   3 Reply With Quote
Old Feb 27, 2014, 11:33 AM   #23
musika
macrumors 65816
 
musika's Avatar
 
Join Date: Sep 2010
Location: New York
Bad week for security.
__________________
I write about lots of things at turtlepie.net.
musika is offline   5 Reply With Quote
Old Feb 27, 2014, 11:35 AM   #24
KdParker
macrumors 68030
 
KdParker's Avatar
 
Join Date: Oct 2010
Bitcoin is in its infancy and will have to see where this will end.

But downloading 'cracked' software rarely seems to be a good idea.
__________________
16g iPhone5s Space Grey; 16g iPhone5 White;
15" retina - MBP 2.6 GHZ 16 RAM;
iPad4 retina
KdParker is online now   1 Reply With Quote
Old Feb 27, 2014, 11:37 AM   #25
skottichan
macrumors 6502a
 
skottichan's Avatar
 
Join Date: Oct 2007
Location: Columbus, OH
Send a message via AIM to skottichan Send a message via MSN to skottichan
Quote:
Originally Posted by musika View Post
Bad week for security.
This issue, not so much. Mostly, because it's a relatively old scam for Macs. One of the more recent ones was a Trojan that came hidden in pirated versions of Photoshop, Office and iWork.

This is why stuff like Gatekeeper and signing exists, as well as Apple's ability to feed machines with anti-malware behind the scenes.
skottichan is offline   3 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Sick of Flappy or Angry Birds? Pluck'em all in new game Plucking Birds! Isotope 244 iPhone and iPod touch Apps 0 Apr 3, 2014 09:40 AM
Bitcoin-Stealing Mac OS X Trojan Discovered MacRumors Mac Blog Discussion 34 Feb 19, 2014 12:50 PM
Mac App Store - Angry Birds bug LorenzMeir Mac Applications and Mac App Store 4 Feb 8, 2013 11:29 AM
'Angry Birds Star Wars' Arrives on iPhone, iPad and Mac MacRumors iOS Blog Discussion 35 Nov 13, 2012 03:40 PM

Forum Jump

All times are GMT -5. The time now is 11:26 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC