A new Mac OS X trojan horse that monitors web browsing traffic in order to steal Bitcoins has been discovered by SecureMac. The trojan, called OSX/CoinThief.A, is disguised as an innocuous Bitcoin app called StealthBit that purports to send and receive anonymous payments.The app was posted on open-source website GitHub, but the precompiled version of the app had the malicious payload installed. The malware installs browser extensions in Safari and Google Chrome looking for login credentials for a number of Bitcoin related websites including MtGox, BTC-e, and blockchain.info. When the app finds login credentials, it sends those back to the malware's developer.
Initial infection occurs when a user installs and runs an app called "StealthBit," which was recently available for download on GitHub, a website that acts as a repository for open source code. The source code to StealthBit was originally posted on GitHub, along with a precompiled copy of the app for download. The precompiled version of StealthBit did not match a copy generated from the source code, as it contained a malicious payload. Users who downloaded and ran the precompiled version of StealthBit instead ended up with infected systems. A user posting over the weekend on Reddit, the popular discussion site, reported losing 20 Bitcoins (currently worth upwards of $12,000 USD) to the thieves.Bitcoin users who may have downloaded the app should check their browser extensions in Safari and Google Chrome for generic "Pop-Up Blocker" extensions.
34 comments
Apple this weekend participated in the annual San Francisco Pride Parade, as part of its longstanding support of the LGBTQ community.
Photo: Trey Forgety
Apple's CEO Tim Cook,...
Apple today launched a keyboard repair program for MacBook and MacBook Pro models equipped with butterfly keys to address complaints over letters or characters that repeat unexpectedly, letters or...
Warner Bros' new Westworld game for mobile devices is a "blatant rip-off" of Bethesda game Fallout Shelter, according to a lawsuit Bethesda filed in a Maryland U.S. District Court this...
The United States Supreme Court today ruled that the government "is required" to obtain a warrant if it wants to gain access to data found on a civilian's smartphone, but only when...
Apple supplier Taiwan Semiconductor Manufacturing Company has begun commercial production of chips manufactured using its advanced 7-nanometer process (via DigiTimes). One of the major customers for...
Apple today filed petitions with the United States Patent and Trademark Office challenging the validity of four Qualcomm patents amid an increasingly vicious legal battle, reports Bloomberg. Apple is...
Just weeks after Apple abandoned its plans to build a $1 billion data center in Ireland, and amid a major Irish tax dispute with the European Commission, Apple CEO Tim Cook ensures his company...
As a side note in his report about technical challenges facing the AirPower, expected to be released by September, well-connected reporter Mark Gurman also noted that Apple considered removing wired...
