ESET is warning Mac users not to download pirated software from file-sharing peer-to-peer networks, as ESET researchers have discovered Bitcoin-stealing malware being spread via cracked apps. The malware, OSX/CoinThief , was first discovered earlier this month and was found to steal login credentials related to various Bitcoin-related exchanges and wallet sites via malicious browser add-ons.
CoinThief was first spotted earlier this month by SecureMac researchers, who found it had been distributed via popular download sites such as Download.com and MacUpdate.com, disguised as trojanised versions of Bitcoin Ticker TTM (To The Moon), BitVanity, StealthBit and Litecoin Ticker.
However, the malware team at ESET labs have also seen OSX/CoinThief spread through torrents as cracked versions of the following popular Mac OS X applications such as BBEdit – an OS X text editor; Pixelmator – a graphics editor; Angry Birds – a game of trebuchet-powered temperamental avian bombardment; and Delicious Library – a media cataloguing application.
There is clearly strong evidence that the trojan was specifically designed to profit from the current Bitcoin craze and fluctuating exchange rates.
“The hackers behind the CoinThief trojan are trying to cash in on the current Bitcoin craze and fluctuating exchange rates by breaking into users’ digital wallets,” said ESET IT Security and cybercrime analyst Urban Schrott in an email. “As ESET’s research team has shown, Mac users who download and install pirated software from torrent sites are not only depriving developers of their rightful income, but putting their computers and finances at risk as well.”
He also said that whether you are into Bitcoin or not, it’s essential that you protect your Mac with an up-to-date anti-virus product and resist the temptation to download cracked and pirated software.
Instead, go to a legitimate source – such as the developer’s own website or the Mac App store.