Printed from http://www.electronista.com

Alert: New Mac malware hiding in pirated graphics software

updated 09:05 pm EDT, Mon October 31, 2011

Steals GPU time, tries to capture passwords, more

Anti-malware makers Sophos and Intego have warned of a new Mac OS X Trojan Horse that hides inside pirated software, specifically GraphicConverter v7.4. The malware, known as OSX/Miner-D or "DevilRobber," steals GPU time to generate counterfeit Bitcoins (part of an anonymous digital cash system) and also attempts to steal usernames and passwords through periodic screen captures. It also sends information about the Mac's security setup and browsing history to a remote server.

In addition, if the user is already a Bitcoin user, the malware will also try to steal the credit out of the Bitcoin "wallet." The Bitcoin digital currency has found some favor in the open-source world and other communities, but has been plagued with security breaches. The malware has been added to versions of GraphicConverter that have been uploaded to illegal file-sharing networks, so at present the malware is extremely easy to avoid -- but it could spread to other pirated files. Because of this, all pirated software should be regarded as potentially infected and avoided.

The pirated GraphicConverter, when installed, also installs a Java-based app called "DiabloMiner" that uses the GPU to do the mathematical calculations needed to generate Bitcoins. Because it hides inside a legitimate app, it is classified as a Trojan horse, but also acts as a backdoor and spyware, since it tries to send unauthorized data to remote servers. Because the user actively gives permission for the pirated software to be installed, the added malware also gains this authorization as part of the package.

Users who may have installed the pirated software may be able to detect whether they have gotten the malware as well by noticing any sluggishness in their computer, particularly during graphically-intense operations. All of the major anti-virus and anti-malware makers for the Mac have updated their definition files to prevent the malware from working, and it is likely that Apple itself will follow suit with a silent upgrade to its own anti-malware protection in due course.

Legitimate users and buyers of GraphicConverter have no cause for concern. Both Sophos and Intego offer free or trial versions of their anti-malware software for home Mac users.




By Electronista Staff

Comments

  1. facebook_Michael

    Via Facebook

    Joined: Oct 2011

    -1

    As long as it's only ...

    in the pirated software, I'm not worried. Seems a good thing to me.

  1. chas_m

    Moderator

    Joined: Aug 2001

    +3

    No

    I'm very anti-piracy myself, but NO it's not a good thing. It's a potential security flaw that Apple should fix now that they are aware of it.

  1. Mr. Strat

    Junior Member

    Joined: Jan 2002

    -1

    More FUD

    I just love it when companies who just happen to sell anti-virus software warn us about potential threats.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    +2

    Re: More FUD

    And I just love when idiot commenters always make the same comment about anti-virus makers warning you about threats.

    Pray tell, who else would know about such threats? Who would you trust that a threat existed?

    Apple? Oh, wait, they'll probably tell you to upgrade your OS to Lion to be protected, so that's just a money grab too.

    Perhaps MS? Nah, they're spreading FUD to keep Windows users.

    Oh, I know, how about some bloggers or a columnist in a magazine? Nah, they're just idiots. What do they know, they aren't experts in the world of computer security.

    Hackers? Nah, can't be trusted. They're just probably trying to make people think that OS X is not super solid and to get some street cred or something.

    Gee, so, really, there's no one who could say "Hey, there's a threat out there for the Mac" that you couldn't claim was a piece of FUD by the crowd of Anti-Apple people or those trying to make a quick buck.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    +4

    Re: No

    I'm very anti-piracy myself, but NO it's not a good thing. It's a potential security flaw that Apple should fix now that they are aware of it.

    There is NO security flaw. These are trojan horses, which means they are just programs that hide their payloads. You can't protect against such a thing. You're actually running the stupid thing yourself!

  1. nhmlco

    Fresh-Faced Recruit

    Joined: Mar 2007

    -2

    comment title

    As far as I'm concerned, pirates deserve whatever they get...
