Mac malware steals user credentials, processing power, Bitcoins
New Mac malware has been found making the rounds in the wild. Called DevilRobber, the malware is distributed as a Trojan on pirated versions of a Mac OS X image-editing application and other pirated applications. Of particular interest is its relative complexity, which includes a plethora of capabilities like taking unauthorized screen captures, collecting browser history, scanning for private files on the system and encrypted volumes that are mounted and the pilfering of data files.
DevilRobber will also install a Bitcoin miner application to generate more of the virtual currency by means of mathematically intensive operations. For MacBook users, this could result in dramatically reduced battery life as the malware soaks up GPU time. On the bright side, sluggish performance could result in the discovery of the malware.
In a blog entry, Graham Cluley, senior technology consultant at Sophos, warned about the need for safe computing: "Clearly, Mac users--like their Windows cousins--should practice safe computing and only download software from official Websites and legitimate download services." Recommending that Mac users also run anti-virus software, Cluley observed that "many Mac users are making themselves an unnecessarily soft target by imagining that they are somehow magically protected from threats."
Apple laptop batteries can be hacked and destroyed
New variant of Mac Defender spotted mere hours after Apple's security update
Mac OS X bug leaves Safari users susceptible to fake DigiNotar certificates
iPad takes root in the enterprise, but Apple lags on security
Security flaw spills Mac OS X Lion passwords in sleep mode