Bitcoin-Stealing Mac OS X Trojan Discovered

Discussion in 'Mac Blog Discussion' started by MacRumors, Feb 10, 2014.

  1. MacRumors macrumors bot


    Apr 12, 2001

    A new Mac OS X trojan horse that monitors web browsing traffic in order to steal Bitcoins has been discovered by SecureMac. The trojan, called OSX/CoinThief.A, is disguised as an innocuous Bitcoin app called StealthBit that purports to send and receive anonymous payments.

    The app was posted on open-source website GitHub, but the precompiled version of the app had the malicious payload installed. The malware installs browser extensions in Safari and Google Chrome looking for login credentials for a number of Bitcoin related websites including MtGox, BTC-e, and When the app finds login credentials, it sends those back to the malware's developer.
    Bitcoin users who may have downloaded the app should check their browser extensions in Safari and Google Chrome for generic "Pop-Up Blocker" extensions.

    Article Link: Bitcoin-Stealing Mac OS X Trojan Discovered
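One way to run the Google Chrome half of the check recommended above, as an added example that is not part of the original thread or of SecureMac's advisory. The profile path (default Chrome profile on macOS) and the name-matching rule are assumptions; a match is a prompt for manual review, not proof of infection, and Safari extensions are not covered.

```python
import json
from pathlib import Path

# Assumption: default Chrome profile location on macOS.
CHROME_EXT_DIR = (Path.home() / "Library/Application Support"
                  / "Google/Chrome/Default/Extensions")
SUSPECT_NAME = "pop-up blocker"  # the generic extension name given in the post


def load_json(path: Path):
    """Parse a JSON file, returning None if it is missing or malformed."""
    try:
        return json.loads(path.read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return None


def resolve_name(version_dir: Path, manifest: dict) -> str:
    """Return the display name, resolving a localized __MSG_key__ placeholder."""
    name = manifest.get("name", "")
    if name.startswith("__MSG_") and name.endswith("__"):
        key = name[6:-2].lower()  # message keys are case-insensitive
        locale = manifest.get("default_locale", "en")
        messages = load_json(version_dir / "_locales" / locale / "messages.json")
        for k, v in (messages or {}).items():
            if k.lower() == key and isinstance(v, dict):
                return v.get("message", name)
    return name


def find_suspects(ext_root: Path = CHROME_EXT_DIR):
    """List (extension_id, version_dir, name) for extensions with a matching name."""
    hits = []
    for manifest_path in sorted(ext_root.glob("*/*/manifest.json")):
        manifest = load_json(manifest_path)
        if not isinstance(manifest, dict):
            continue  # unreadable manifest: skip rather than abort the scan
        name = resolve_name(manifest_path.parent, manifest)
        normalized = name.lower().replace("popup", "pop-up").replace("pop up", "pop-up")
        if SUSPECT_NAME in normalized:
            hits.append((manifest_path.parts[-3], manifest_path.parts[-2], name))
    return hits


if __name__ == "__main__":
    for ext_id, version, name in find_suspects():
        print(f"review: {name!r} id={ext_id} version={version}")
```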
  2. carjakester macrumors 68020


    Oct 21, 2013
    But I thought if I got my Mac I wouldn't get any viruses! Darn PC vs Mac commercials.
  3. Corrode macrumors 6502a


    Dec 26, 2008
    Calgary, AB
    It's not a virus...blah blah blah. Every time.
  4. Solver macrumors 6502

    Jan 6, 2004
    Cupertino, CA
    Virtual theft for virtual money needs the virtual police.
  5. Creep89 macrumors regular

    Mar 9, 2012
    So the user has to download and install the malware.
  6. Peace macrumors P6


    Apr 1, 2005
    Space--The ONLY Frontier
    GitHub blew it. They should check all packages before hosting them.
  7. BigBeast macrumors 6502a

    Mar 6, 2009
    I wouldn't say stupid per se, but definitely naive. Also, I would assume that if you are savvy enough to understand bitcoins, their use, etc., then you are savvy enough to protect yourself from this situation, but you know what they say when you assume...
  8. Cuban Missles macrumors 68040

    This article should be used as an ad for the Apple app stores. The problem is that downloading from app sites that are not monitored or curated leads to these problems. The same has happened with the Android app store. Like it or not, the Apple app stores for iOS and Mac are better curated and the chance of this happening is significantly lower.
  9. I like bananas macrumors member

    Oct 31, 2013
  10. FloatingBones macrumors 65816


    Jul 19, 2006
    That's about as good as NBC's "All visitors to Sochi Immediately Hacked" claim:

    Their claims were thoroughly debunked in the article That NBC story 100% fraudulent. If I were Putin, I would have ejected the "journalist" who filed that story. :rolleyes:
  11. azentropy macrumors 68000


    Jul 19, 2002
    This type of Trojan horse always reminds me of the joke when viruses were first becoming popular. Sanitized to be PC...

    XXXXX Virus:
    You have just received the "XXXXXX Virus." As we have no
    programming experience, this virus works on the honor system.
    Please delete all the files on your hard drive and manually forward
    this virus to everyone on your mailing list.

    Thank you for your cooperation,
  12. goobot macrumors 601


    Jun 26, 2009
    long island NY
    A user installing software that harms them isn't a virus, it has to install itself to be considered such.
  13. OldSchoolMacGuy macrumors 68000


    Jul 10, 2008
    You're willingly turning over your login and pass and admin access to your computer. No operating system in the world will stop this type of thing from gaining access when you hand it the keys. It's not your security system's fault if you give the burglar your alarm code.
  14. cmChimera macrumors 68040


    Feb 12, 2010
    I almost posted it....and then I was like, meh, he won't get it.
  15. mdnz macrumors regular

    Apr 14, 2010
    The Netherlands
    Yes, GitHub should check the million lines of code and the hundreds of packages uploaded every second to make sure there isn't any malicious code in there.

    If you don't know what you're talking about, just don't say anything.
  16. JoeRito macrumors 6502


    Apr 12, 2012
    New England, USA
    Virtual currency sucks.... Seriously, buy hard assets like gold and silver...they are priced right at present!
  17. MarcKerr macrumors newbie


    Mar 14, 2012
    Yes but NO. Apple doesn't allow any useful Bitcoin (alt coin) apps in any of their app stores. Remember Blockchain?
    It's the curse (tradeoff) of allowing someone else control of what can be on your computing device.
  18. MarcKerr macrumors newbie


    Mar 14, 2012
    When was the last time you installed an app from a web site? How do you know it didn't contain a Trojan? Exactly how does anyone ever know the app is fine and not going to cause them a security issue? And even the App Store has had its problems.

    It really isn't so easy to know that some app isn't going to cause you problems. In this particular case I doubt a virus protection app would have detected the issue. All those kinds of apps depend on knowing about the exploit code before they can detect it.
  19. carjakester, Feb 10, 2014
    Last edited by a moderator: Feb 11, 2014

    carjakester macrumors 68020


    Oct 21, 2013
    Was clearly being sarcastic, don't get all worked up now...
  20. Iconoclysm macrumors 68000


    May 13, 2010
    Washington, DC
    Not really seeing how bitcoin apps are necessary if you have a web browser and the ability to RDP...
  21. OLDCODGER macrumors 6502a

    Jul 27, 2011
    Lucky Country
    Question, if I may: Would Little Snitch have caught this before it could send details?
  22. PicnicTutorials macrumors 6502a


    Dec 29, 2013
    It may not be a virus but an antivirus worth its weight would most likely warn you if something was trying to install a browser plugin.
  23. Milquetoast macrumors newbie

    Apr 14, 2008

  24. ApfelKuchen macrumors 68000

    Aug 28, 2012
    Between the coasts
    Kinda reminds me of a gold rush. BitCoin miners may not get shot, but there's no way they can completely avoid claim jumpers, sleazy supply merchants playing bait-and-switch, etc.

    Then there's the contrast between Apple's restrictive "police state" and the self-policing open source movement. With greater freedom comes greater responsibility, but all most folks see is "free."

    In the end, the Volunteer Community Watch has no obligation to be there, which is why gold rush boomtowns hired sheriffs, why the RCMP was dispatched to the Yukon, and why 19th Century businesses like the Pinkerton Agency got rich. But of course, all these things happened after something bad happened.

    Those who cannot learn from history are doomed to repeat it.
    George Santayana

    "Don't it always seem to go, that you don't know what you've got 'til it's gone?"
    Joni Mitchell
  25. dBeats macrumors 6502a


    Jun 21, 2011
    I don't like Bitcoin and I don't use it, but seriously, don't people realize they can store their bitcoins offline on a USB thumb drive and lock it in a safe in their house, just like you would if you had 10 grand in gold bars? Just upload what you need and then spend it right away. Don't keep all your money on an online wallet!! Why would anyone put $10,000 or more on some website that you know nothing about, where it's not insured, and think this is a reasonable way to do things?
