Mac users are being targeted by a Trojan horse that monitors web activity in order to steal the Bitcoin digital currency, according to Mac security researchers SecureMac.
The Trojan, which SecureMac calls OSX/CoinThief.A, is hidden as a malicious payload attached to a program called StealthBit, an application for sending and receiving payments using an anonymous payments scheme called Bitcoin Stealth Addresses. The malware has been reported in the wild, with one user reporting having lost 12 bitcoins as a result of an infection, worth around £7,500.
Source code for StealthBit available on the GitHub code repository appeared to be legitimate, but a precompiled version of the program contained the CoinThief malware, according to SecureMac. The program has now been removed from GitHub.
CoinThief invisibly installs browser extensions for Safari and Google Chrome that monitor browsing traffic. It also installs a program that runs in the background looking for Bitcoin wallet credentials to send to a remote server. The malware can also receive remote commands, including updates.
Aside from login credentials, the malware also sends username and UUID identifier data for the infected Mac, as well as a list of bitcoin-related applications installed on the system.
The malware disguises the browser extensions by labelling them as pop-up blockers, and checks for certain security programs or code development tools on the infected system, according to SecureMac. The company recommends using security software to protect systems against this and similar threats.
The currency has been hit by wide fluctuations in its value in recent weeks, for instance losing more than one-quarter of its value over the past weekend after Mt Gox, one of the largest and oldest virtual currency exchanges, temporarily suspended all withdrawal orders due to an issue within the Bitcoin peer-to-peer protocol.
The currency has also been affected by ongoing questions over its acceptance, with the Russian government recently declaring it illegal and the governments of China and the EU issuing warnings against Bitcoin, with concerns including a lack of consumer protections and the currency’s use in money laundering. Apple last week removed Blockchain, the only iOS Bitcoin trading application, from the iPhone App Store.
On the other hand, entrepreneur Marc Andreessen has said he sees a bright future for Bitcoin, while organisations such as the University of Cumbria have agreed to accept bitcoin payments.
Are you a security pro? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…