Mac malware steals user credentials, processing power, Bitcoins

New Mac malware has been found circulating in the wild. Called DevilRobber, it is distributed as a Trojan in pirated versions of a Mac OS X image-editing application and in other pirated applications. Of particular interest is its relative complexity: its capabilities include taking unauthorized screen captures, collecting browser history, scanning for private files on the system and encrypted volumes that are mounted, and pilfering data files.

DevilRobber will also install a Bitcoin miner application to generate more of the virtual currency by means of mathematically intensive operations. For MacBook users, this could result in dramatically reduced battery life as the malware soaks up GPU time. On the bright side, sluggish performance could result in the discovery of the malware.

In a blog entry, Graham Cluley, senior technology consultant at Sophos, warned about the need for safe computing: "Clearly, Mac users--like their Windows cousins--should practice safe computing and only download software from official Websites and legitimate download services." Recommending that Mac users also run anti-virus software, Cluley observed that "many Mac users are making themselves an unnecessarily soft target by imagining that they are somehow magically protected from threats."

For more on this story:
- check out this article at eWeek
- check out this article at PC Mag
- check out this article at Naked Security
