Bitcoin-Stealing Mac OS X Trojan Discovered

Discussion in 'Mac Blog Discussion' started by MacRumors, Feb 10, 2014.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    A new Mac OS X trojan horse that monitors web browsing traffic in order to steal Bitcoins has been discovered by SecureMac. The trojan, called OSX/CoinThief.A, is disguised as an innocuous Bitcoin app called StealthBit that purports to send and receive anonymous payments.

    The app was posted on open-source website GitHub, but the precompiled version of the app had the malicious payload installed. The malware installs browser extensions in Safari and Google Chrome looking for login credentials for a number of Bitcoin-related websites including MtGox, BTC-e, and blockchain.info. When the app finds login credentials, it sends those back to the malware's developer.
    Bitcoin users who may have downloaded the app should check their browser extensions in Safari and Google Chrome for generic "Pop-Up Blocker" extensions.

    Article Link: Bitcoin-Stealing Mac OS X Trojan Discovered
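
The extension check the article recommends can be scripted; this is an added example, not part of the original post or any vendor's tool. It lists Chrome and Safari extensions whose display name matches the generic "Pop-Up Blocker" name, resolving Chrome's localized `__MSG_...__` names first. Assumptions: Chrome's default per-user data directory on OS X, Safari's legacy `.safariextz` extension files, and the hypothetical function names `resolve_name` and `find_suspect_extensions`.

```python
import json
import re
from pathlib import Path

# Extension name reported in the article; matching ignores case and hyphen/space variants.
SUSPECT = re.compile(r"pop[\s-]*up[\s-]*blocker", re.IGNORECASE)

def resolve_name(manifest_path):
    """Return a Chrome extension's display name, resolving __MSG_key__ placeholders."""
    manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
    name = manifest.get("name", "")
    placeholder = re.fullmatch(r"__MSG_(\w+)__", name)
    if placeholder:
        locale = manifest.get("default_locale", "en")
        messages = manifest_path.parent / "_locales" / locale / "messages.json"
        try:
            table = json.loads(messages.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            return name  # no usable message table; keep the raw placeholder
        # Chrome treats message keys case-insensitively.
        for key, entry in table.items():
            if key.lower() == placeholder.group(1).lower():
                return entry.get("message", name)
    return name

def find_suspect_extensions(home):
    """Return sorted (browser, name, path) tuples for extensions matching SUSPECT."""
    home = Path(home)
    hits = []
    chrome = home / "Library/Application Support/Google/Chrome"
    # Layout: <profile>/Extensions/<extension id>/<version>/manifest.json
    for manifest in chrome.glob("*/Extensions/*/*/manifest.json"):
        try:
            name = resolve_name(manifest)
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest
        if SUSPECT.search(name):
            hits.append(("chrome", name, str(manifest.parent)))
    # Assumption: legacy Safari keeps each extension as <name>.safariextz in this folder.
    for ext in (home / "Library/Safari/Extensions").glob("*.safariextz"):
        if SUSPECT.search(ext.stem):
            hits.append(("safari", ext.stem, str(ext)))
    return sorted(hits)

if __name__ == "__main__":
    for browser, name, path in find_suspect_extensions(Path.home()):
        print(f"{browser}: {name!r} at {path}")
```

A hit only means an extension with that generic name is installed; review it in the browser's extension list before removing it.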
     
  2. macrumors 68020

    carjakester

    Joined:
    Oct 21, 2013
    Location:
    Midwest
    #2
    But I thought if I got my Mac I wouldn't get any viruses! Darn PC vs Mac commercials.
     
  3. macrumors 6502a

    Corrode

    Joined:
    Dec 26, 2008
    Location:
    Calgary, AB
    #3
    It's not a virus...blah blah blah. Every time.
     
  4. macrumors 6502

    Joined:
    Jan 6, 2004
    Location:
    San Jose
    #4
    Virtual theft for virtual money needs the virtual police.
     
  5. macrumors regular

    Joined:
    Mar 9, 2012
    #5
    So the user has to download and install the malware.
     
  6. macrumors P6

    Peace

    Joined:
    Apr 1, 2005
    Location:
    Space--The ONLY Frontier
    #6
    GitHub blew it. They should check all packages before hosting them.
     
  7. macrumors 6502a

    Joined:
    Mar 6, 2009
    #7
    I wouldn't say stupid per se, but definitely naive. Also, I would assume that if you are savvy enough to understand bitcoins, their use, etc., then you are savvy enough to protect yourself for this situation, but you know what they say when you assume...
     
  8. macrumors 68000

    Cuban Missles

    Joined:
    Dec 6, 2012
    Location:
    My heart is in Camagüey, the rest in the USA
    #8
    This article should be used as an ad for the Apple app stores. The problem is that downloading from app sites that are not monitored or curated leads to these problems. The same has happened with the Android app store. Like it or not, the Apple app stores for iOS and Mac are better curated and the chance of this happening is significantly lower.
     
  9. macrumors member

    Joined:
    Oct 31, 2013
    #9
    Good, we need more trojans for Macs.
     
  10. macrumors 65816

    FloatingBones

    Joined:
    Jul 19, 2006
    #10
    That's about as good as NBC's "All visitors to Sochi Immediately Hacked" claim:



    Their claims were thoroughly debunked in the article That NBC story 100% fraudulent. If I were Putin, I would have ejected the "journalist" who filed that story. :rolleyes:
     
  11. macrumors 68000

    Joined:
    Jul 19, 2002
    Location:
    Surprise
    #11
    This type of Trojan horse always reminds me of the joke when viruses were first becoming popular. Sanitized to be PC...

    XXXXX Virus:
    You have just received the "XXXXXX Virus." As we have no
    programming experience, this virus works on the honor system.
    Please delete all the files on your hard drive and manually forward
    this virus to everyone on your mailing list.

    Thank you for your cooperation,
    XXXXXXX
     
  12. macrumors 601

    goobot

    Joined:
    Jun 26, 2009
    Location:
    long island NY
    #12
    A user installing software that harms them isn't a virus; it has to install itself to be considered such.
     
  13. macrumors 65816

    OldSchoolMacGuy

    Joined:
    Jul 10, 2008
    #13
    You're willingly turning over your login and pass and admin access to your computer. No operating system in the world will stop this type of thing from gaining access when you hand it the keys. It's not your security system's fault if you give the burglar your alarm code.
     
  14. macrumors 68030

    cmChimera

    Joined:
    Feb 12, 2010
    #14
    I almost posted it....and then I was like, meh, he won't get it.
     
  15. macrumors regular

    Joined:
    Apr 14, 2010
    Location:
    The Netherlands
    #15
    Yes, GitHub should check the million lines of code and the hundreds of packages uploaded every second to make sure there isn't any malicious code in there.

    If you don't know what you're talking about, just don't say anything.
     
  16. macrumors 6502

    JoeRito

    Joined:
    Apr 12, 2012
    Location:
    New England, USA
    #16
    Virtual currency sucks.... Seriously, buy hard assets like gold and silver...they are priced right at present!
     
  17. macrumors newbie

    Joined:
    Mar 14, 2012
    Location:
    Indiana
    #17
    Yes but NO. Apple doesn't allow any useful Bitcoin (alt coin) apps in any of their app stores. Remember Blockchain? http://www.macrumors.com/2014/02/05/apple-removes-blockchain-app-store/
    It's the curse (tradeoff) of allowing someone else control of what can be on your computing device.
     
  18. macrumors newbie

    Joined:
    Mar 14, 2012
    Location:
    Indiana
    #18
    When was the last time you installed an app from a web site? How do you know it didn't contain a Trojan? Exactly how does anyone ever know the app is fine and not going to cause them a security issue? And even the App Store has had its problems. http://nakedsecurity.sophos.com/2011/11/08/apples-app-store-security-compromised/

    It really isn't so easy to know that some app isn't going to cause you problems. In this particular case I doubt a virus protection app would have detected the issue. All those kinds of apps depend on knowing about the exploit code before they can detect it.
     
  19. carjakester, Feb 10, 2014
    Last edited by a moderator: Feb 11, 2014

    macrumors 68020

    carjakester

    Joined:
    Oct 21, 2013
    Location:
    Midwest
    #19
    Was clearly being sarcastic, don't get all worked up now...
     
  20. macrumors 65816

    Joined:
    May 13, 2010
    #20
    Not really seeing how bitcoin apps are necessary if you have a web browser and the ability to RDP...
     
  21. macrumors 6502a

    Joined:
    Jul 27, 2011
    Location:
    Lucky Country
    #21
    Question, if i may: Would Little Snitch have caught this before it could send details?
     
  22. macrumors 6502

    PicnicTutorials

    Joined:
    Dec 29, 2013
    #22
    It may not be a virus but an antivirus worth its weight would most likely warn you if something was trying to install a browser plugin.
     
  23. macrumors newbie

    Joined:
    Apr 14, 2008
    Location:
    Maryland
    #23
    Or...

     
  24. macrumors 6502a

    Joined:
    Aug 28, 2012
    Location:
    Between the coasts
    #24
    Kinda reminds me of a gold rush. BitCoin miners may not get shot, but there's no way they can completely avoid claim jumpers, sleazy supply merchants playing bait-and-switch, etc.

    Then there's the contrast between Apple's restrictive "police state" and the self-policing open source movement. With greater freedom comes greater responsibility, but all most folks see is "free."

    In the end, the Volunteer Community Watch has no obligation to be there, which is why gold rush boomtowns hired sheriffs, why the RCMP was dispatched to the Yukon, and why 19th Century businesses like the Pinkerton Agency got rich. But of course, all these things happened after something bad happened.

    Those who cannot learn from history are doomed to repeat it.
    George Santayana

    Don't it always seem to go, that you don't know what you've got 'til it's gone?
    Joni Mitchell
     
  25. macrumors 6502

    Joined:
    Jun 21, 2011
    #25
    I don't like Bitcoin and I don't use it, but seriously, don't people realize they can store their bitcoins offline on a USB thumb drive and lock it in a safe in their house, just like you would if you had 10 grand in gold bars? Just upload what you need and then spend it right away. Don't keep all your money on an online wallet!! Why would anyone put $10,000 or more on some website that you know nothing about, where it's not insured, and think this is a reasonable way to do things?
     
