Wednesday, November 2, 2011

DevilRobber Trojan Targets Mac OS X to Steal Data & Mine BitCoins

Mac users who frequent torrent sites such as PirateBay or Paratypic should be cautious when downloading apps, as they could contain a nasty piece of malware called DevilRobber.A.

The focus of the DevilRobber malware is to steal files and BitCoins, take screenshots of your computing activity, utilize your Mac’s computing power to solve cryptographic problems in order to mine BitCoins, and open a backdoor to grant remote control to its authors.

Once DevilRobber makes its way onto your Mac, it first checks to make sure that you don’t have Little Snitch installed, ready to blow the whistle when it attempts to make outgoing internet connections.

If the coast is clear, the DevilRobber malware sets up camp by adding a LaunchAgent file to ensure it runs on start-up or login, and then captures targeted information like your Safari browsing history, BitCoin wallet information, your Mac’s external IP address, computer login credentials, and more.
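The LaunchAgent persistence described above is something a defender can review directly. The following is an added example, not code from the original post and not based on DevilRobber's actual files: it parses the plists in a LaunchAgents directory and lists auto-starting agents whose executable lies outside a few standard locations. The trusted-prefix list and the sample agent names and paths are assumptions constructed for illustration.

```python
import plistlib
import posixpath
import tempfile
from pathlib import Path
from xml.parsers.expat import ExpatError

# Assumption: locations where agent executables are normally expected to live.
TRUSTED_PREFIXES = ("/System/", "/usr/", "/Applications/", "/Library/")

def agent_program(job):
    """Executable a launchd job starts: Program, else ProgramArguments[0]."""
    args = job.get("ProgramArguments")
    return job.get("Program") or (args[0] if isinstance(args, list) and args else None)

def audit_launch_agents(directory):
    """Return (file, reason) pairs for agents that deserve a manual look."""
    findings = []
    for path in sorted(Path(directory).glob("*.plist")):
        try:
            job = plistlib.loads(path.read_bytes())
        except (plistlib.InvalidFileException, ExpatError, OSError):
            job = None
        if not isinstance(job, dict):
            findings.append((path.name, "unparseable plist"))
            continue
        program = agent_program(job)
        autostart = bool(job.get("RunAtLoad") or job.get("KeepAlive"))
        if not autostart or not isinstance(program, str):
            continue
        resolved = posixpath.normpath(program)  # so "/Applications/../x" is not trusted
        if not resolved.startswith(TRUSTED_PREFIXES):
            findings.append((path.name, "auto-starts " + resolved))
    return findings

def build_sample_dir():
    """Write constructed sample agents (not DevilRobber artefacts) to a temp dir."""
    root = Path(tempfile.mkdtemp())
    samples = {
        "com.example.updater.plist": {"Label": "com.example.updater", "RunAtLoad": True,
            "Program": "/Applications/Example.app/Contents/MacOS/updater"},
        "com.example.helper.plist": {"Label": "com.example.helper", "RunAtLoad": True,
            "ProgramArguments": ["/Applications/../Users/alice/Library/helper/run", "-q"]},
    }
    for name, job in samples.items():
        (root / name).write_bytes(plistlib.dumps(job))
    (root / "broken.plist").write_bytes(b"truncated garbage")
    return root

if __name__ == "__main__":
    print(audit_launch_agents(build_sample_dir()))
```

On a Mac, the same function can be pointed at the per-user and system-wide LaunchAgents directories; a finding is a prompt for manual review, not proof of infection.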

All of the sensitive data collected from the infected machine is then uploaded to a remote server to be reviewed as needed by the evil-doers behind the DevilRobber malware.

Aside from all of the information theft, DevilRobber participates in a resource- and electricity-hogging activity known as ‘BitCoin mining’.

Despite the sophistication of the DevilRobber malware, it’s not very widespread and only appears to be bundled with a handful of Mac programs, including the popular image editor, GraphicConverter version 7.4.

Still, it’s recommended that Mac users go to the websites of the respected software vendors to download the programs of choice and run up-to-date antivirus software to avoid coming face to face with the Devil[Robber].


Photo Credit: Vectorportal.com
