Feeds

Illicit Bitcoin miners steal resources from infected Macs

Passwords, browsing history also harvested

Intelligent flash storage arrays

Security researchers have identified malware that hijacks the resources of infected Macs to illegally mint the digital currency known as Bitcoin.

The DevilRobber.A trojan has been circulating on The Pirate Bay and other BitTorrent trackers, where it's bundled with the Mac OS X image-editing application Graphic Converter, researchers from Sophos blogged on Monday. Like previous malware attacking Windows PCs, it commandeers a Mac's graphics card and CPU to perform the mathematical calculations necessary to generate new digital currency, a process known as Bitcoin mining.

As researchers from rival antivirus provider Intego point out in their own blog post, Bitcoin mining is just one of the many activities performed by the recently discovered trojan.

“This malware is complex, and performs many operations,” they wrote. “It is a combination of several types of malware: it is a Trojan horse, since it is hidden inside other applications; it is a backdoor, as it opens ports and can accept commands from command and control servers; it is a stealer, as it steals data and Bitcoin virtual money; and it is a spyware, as it sends personal data to remote servers.”

In addition to hijacking a Mac's GPU and CPU for Bitcoin mining, DevilRobber.A also searches an infected machine for any Bitcoin wallets. If found, the malware will purloin the digital currency. It also steals passwords, browsing history from Safari browsers, and data from Vidalia, a Firefox plugin used to communicate over the TOR anonymity service.

So far, DevilRobber.A has been installed on only a small number of machines. But it's part of a growing wave of increasingly sophisticated malware targeting Mac users. Over the past month, at least two other OS X trojans have also been discovered, including Tsunami, which is derived from an earlier Linux-infecting backdoor called Kaiten, and Flashback, which was recently updated to make it harder for researchers to do reconnaissance on it. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.