Bitcoin-Stealing OS X Trojan Now Masquerading as 'Angry Birds' and Other Popular Mac Apps - MacRumors
Skip to Content

Bitcoin-Stealing OS X Trojan Now Masquerading as 'Angry Birds' and Other Popular Mac Apps

by

bitcoin.pngA Bitcoin-stealing trojan has been detected in downloads claiming to be cracked versions of popular Mac applications, reports security firm ESET through its We Live Security blog. The OSX/CoinThief.A malware was discovered in popular Bitcoin software earlier this month by SecureMac, but is now being used to target users of more mainstream apps.

The trojan initially surfaced on open source software hosting site GitHub, and it was quickly bundled into several Bitcoin apps available through multiple download sites. Further investigation by ESET has now uncovered the trojan masquerading as cracked versions of popular Mac apps such as BBEdit, Pixelmator, Angry Birds, and Delicious Library.

OSX/CoinThief.A involves a malicious browser add-on used to intercept logins for Bitcoin wallet sites and related exchanges such as MtGox, BTC-e, and blockchain.info. Stolen login credentials are then forwarded to the malware's developer.

There is clearly strong evidence that the trojan was specifically designed to profit from the current Bitcoin craze and fluctuating exchange rates.

According to detection statistics gathered by the ESET LiveGrid, the threat is mostly active amongst Mac users based in the United States.

The websites where these files are being distributed from have not been revealed, but Mac owners can prevent infection by avoiding pirated software and downloading titles directly from the developer's website or the Mac App Store. Users can find instructions on how to check for and remove the malware on SecureMac's blog post.

Popular Stories

iOS 26

iOS 26.5 Features: Everything New in iOS 26.5

Monday May 11, 2026 5:09 pm PDT by
Apple released iOS 26.5 after a few months of beta testing, and while it doesn't have the Siri features we were hoping for since those are being held until iOS 27, there are a handful of useful changes worth knowing about. Subscribe to the MacRumors YouTube channel for more videos. End-to-End Encryption for RCS Support for end-to-end encryption (E2EE) for RCS messages between iPhone and...
Read Full Article66 comments
Dynamic Island iPhone 18 Pro Feature

11 Reasons to Wait for the iPhone 18 Pro

Monday May 11, 2026 9:01 am PDT by
We're only four months out from the launch of Apple's premium next-generation smartphone lineup, and while we're not expecting a sea change in terms of functionality, there are still several enhancements rumored to be coming to the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth noting is that Apple is reportedly planning a major change to its iPhone release cycle this year, adopting a...
Read Full Article40 comments
Apple WWDC25 iOS 26 CarPlay Light mode 250609

Six Popular iPhone Apps Now Available on CarPlay

Thursday May 14, 2026 9:10 am PDT by
Apple's CarPlay system for accessing iPhone apps on a vehicle's dashboard screen has received six popular apps in recent weeks: ChatGPT, Perplexity, Grok, Google Meet, WhatsApp, and the indie artist streaming platform Audiomack. Make sure you have the latest version of each app and they will automatically appear on CarPlay. ChatGPT Starting with iOS 26.4, CarPlay supports voice-based...
Read Full Article29 comments

Top Rated Comments

satcomer Avatar
satcomer
159 months ago
Pirated software users are surprised that some of these cracked software might be Trojan carriers?
Score: 28 Votes (Like | Disagree)
JetBlack7 Avatar
JetBlack7
159 months ago
Joke's on them, I own 0 bitcoins.
Score: 23 Votes (Like | Disagree)
D
dustinsc
159 months ago
Downloading cracked apps is like eating out of a garbage bin. Sure, you might find something that looks tasty in there, but even if it looks good it will still probably get you sick.
Score: 22 Votes (Like | Disagree)
tuartboy Avatar
tuartboy
159 months ago
This is why code signing and Gatekeeper exist.
Score: 21 Votes (Like | Disagree)
Plutonius Avatar
Plutonius
159 months ago
Only in cracked versions = no problem.
Score: 18 Votes (Like | Disagree)
W
WallToWallMacs
159 months ago
Seems to be a catch22 for Apple. The more successful and ubiquitous it becomes, the more it will be targeted by the nefarious. All the more so because of the statistical affluence of the user base. That's a shame.

How is it a catch 22 for Apple when there are idiots going out to download pirated software because they're too bloody cheap to purchase a legitimate copy via the AppStore? That's like blaming Microsoft for some person downloading Creative Suite off a bittorrenting website then complaining that all their credit card information has been stolen and its apparently all Microsoft's fault.
Score: 16 Votes (Like | Disagree)
Read All Comments