Intego is warning Mac OS X users of a new Trojan horse app, dubbed DevilRobber, that uses their computers to generate Bitcoin virtual money, and also steals their personal data.
“This malware is complex, and performs many operations. It is a combination of several types of malware,” the computer security company said. “It is a Trojan horse, since it is hidden inside other applications; it is a backdoor, as it opens ports and can accept commands from command and control servers; it is a stealer, as it steals data and Bitcoin virtual money; and it is a spyware, as it sends personal data to remote servers.”
The malware is also performing what’s known as Bitcoin mining, which is “a way of defrauding the Bitcoin virtual money service by making calculations and generating Bitcoins,” according to Intego.
DevilRobber is showing up in third-party Mac apps on BitTorrent sites, and once installed looks for user’s Safari web browsing history, copies their Bitcoin wallet if they have one, attempts to capture passwords and other data, and transmits the information to remote servers.
Just like other Trojan horse malware apps, DevilRobber is easy to avoid simply by downloading apps from the developer’s website and other trusted sources such as Apple’s Mac App Store.