10 Feb '14, 5pm
Bitcoin-Stealing Mac OS X Trojan Discovered [Mac Blog]
A new Mac OS X trojan horse that monitors web browsing traffic in order to steal Bitcoins has been discovered by SecureMac . The trojan, called OSX/CoinThief.A, is disguised as an innocuous Bitcoin app called StealthBit that purports to send and receive anonymous payments. The app was posted on open-source website GitHub, but the precompiled version of the app had the malicious payload installed. The malware installs browser extensions in Safari and Google Chrome looking for login credentials for a number of Bitcoin related websites including MtGox, BTC-e, and blockchain.info. When the app finds login credentials, it sends those back to the malware's developer. Initial infection occurs when a user installs and runs an app called "StealthBit," which was recently available for download on GitHub, a website that acts as a repository for open source code. The source code to St...