Fresh Trojan Nicknamed OSX/CoinThief.A Found Targeting Apple’s Mac

Secure Mac a security company, of late, said that it unearthed one fresh Mac Trojan which has been named OSX/CoinThief.A as it spread cross cyber space.

The threat is distributed in the form of a computer program known as StealthBit that apparently enables Bitcoin transactions.

Earlier there had been publication of StealthBit's source code as well as one already compiled edition of the program on the GitHub online site which is a store house of source codes of open nature. Now, they're observed on Download.com via software known as Litecoin Ticker, and Ticker TTM.

According to security researchers, StealthBit's source code has no malware; however, the already compiled edition conceals OSX/CoinThief.A.

CoinThief, when contaminates a PC and is executed first time, it loads Google Chrome's or Safari's browser extensions, which monitor web-traffic of the end-user. During the the extensions' loading, browsers are prompted towards believing that there had been purposeful loading of the extensions, as a result, no alert pop-up appears on the end-user's computer screen. The Chrome and Safari extensions show themselves like pop-up blockers.

Moreover, CoinThief as well loads one program, which constantly hunts to get the credentials of a possible Bitcoin wallet like blockchain.info, that subsequently get transmitted onto a remote online system.

Similarly the Trojan even tracks the end-user's Web-traffic to get login details that help access the popular BTC-e and MtGox Bitcoin sites. According to Secure Mac, these details too are subsequently transmitted onto the remote server.

The researchers explained that information transmitted remotely, in addition to Bitcoin login details, as well consisted of the malware tainted Mac PC's unique identifier (UUID) and username along with the different Bitcoin-associated applications present on the machine, thus reported softpedia.com dated February 10, 2014.

And once on any Mac PC, the Trojan may even generate a newer version of itself. It further verifies whether the infected system has any security software alternatively software creating tools, so it may prevent the system from detecting and examining malware.

The Mac OS X malware, concludes Apple, solely functions on the OS X, while there hasn't been indication of any iOS variant into existence.

» SPAMfighter News - 3/3/2014