“SecureMac has discovered a new Trojan Horse called OSX/CoinThief.A, which targets Mac OS X and spies on web traffic to steal Bitcoins. This malware has been found in the wild, and there are multiple user reports of stolen Bitcoins,” SecureMac reports. “The malware, which comes disguised as an app to send and receive payments on Bitcoin Stealth Addresses, instead covertly monitors all web browsing traffic in order to steal login credentials for Bitcoin wallets.”
“Initial infection occurs when a user installs and runs an app called ‘StealthBit,'” which was recently available for download on GitHub, a website that acts as a repository for open source code,” SecureMac reports. “The source code to StealthBit was originally posted on GitHub, along with a precompiled copy of the app for download. The precompiled version of StealthBit did not match a copy generated from the source code, as it contained a malicious payload. Users who downloaded and ran the precompiled version of StealthBit instead ended up with infected systems. A user posting over the weekend on Reddit, the popular discussion site, reported losing 20 Bitcoins (currently worth upwards of $12,000 USD) to the thieves.”
Read more in the full article here.
[Thanks to MacDailyNews Reader “Fred Mertz” for the heads up.]
Related articles:
Russian authorities say Bitcoin illegal – February 10, 2014
Enraged Bitcoin true believers shoot, smash iPhones after Apple yanks Bitcoin app from App Store – February 6, 2014
Apple pulls ‘Blockchain’ Bitcoin app from iTunes App Store – February 6, 2014
Apple App Store’s rocky relationship with Bitcoin apps – December 10, 2013