
Printed from http://www.macnn.com

Alert: New Mac malware hiding in pirated graphics software

updated 09:05 pm EDT, Mon October 31, 2011

Steals GPU time, tries to capture passwords, more

Anti-malware makers Sophos and Intego have warned of a new Mac OS X Trojan horse that hides inside pirated software, specifically GraphicConverter v7.4. The malware, known as OSX/Miner-D or "DevilRobber," steals GPU time to generate counterfeit Bitcoins (part of an anonymous digital cash system) and also attempts to steal usernames and passwords through periodic screen captures. It also sends information about the Mac's security setup and browsing history to a remote server.

In addition, if the user is already a Bitcoin user, the malware will also try to steal the credit out of the Bitcoin "wallet." The Bitcoin digital currency has found some favor in the open-source world and other communities, but has been plagued with security breaches. The malware has been added to versions of GraphicConverter that have been uploaded to illegal file-sharing networks, so at present the malware is extremely easy to avoid -- but it could spread to other pirated files. Because of this, all pirated software should be regarded as potentially infected and avoided.

The pirated GraphicConverter, when installed, also installs a Java-based app called "DiabloMiner" that uses the GPU to do the mathematical calculations needed to generate Bitcoins. Because it hides inside a legitimate app, it is classified as a Trojan horse, but also acts as a backdoor and spyware, since it tries to send unauthorized data to remote servers. Because the user actively gives permission for the pirated software to be installed, the added malware also gains this authorization as part of the package.

Users who have installed the pirated software may be able to tell whether they have also gotten the malware by noticing any sluggishness in their computer, particularly during graphically intense operations. All of the major anti-virus and anti-malware makers for the Mac have updated their definition files to prevent the malware from working, and it is likely that Apple itself will follow suit with a silent upgrade to its own anti-malware protection in due course.

Legitimate users and buyers of GraphicConverter have no cause for concern. Both Sophos and Intego offer free or trial versions of their anti-malware software for home Mac users.





by MacNN Staff


Comments

  1. facebook_Michael

    Via Facebook

    Joined: Oct 2011

    -1

    As long as it's only ...

    in the pirated software, I'm not worried. Seems a good thing to me.

  1. chas_m

    Joined:

    +3

    No

    I'm very anti-piracy myself, but NO it's not a good thing. It's a potential security flaw that Apple should fix now that they are aware of it.

  1. Mr. Strat

    Joined: Dec 1969

    -1

    More FUD

    I just love it when companies who just happen to sell anti-virus software warn us about potential threats.

  1. testudo

    Joined: Dec 1969

    +2

    Re: More FUD

    And I just love when idiot commenters always make the same comment about anti-virus makers warning you about threats.

    Pray tell, who else would know about such threats? Who would you trust that a threat existed?

    Apple? Oh, wait, they'll probably tell you to upgrade your OS to Lion to be protected, so that's just a money grab too.

    Perhaps MS? Nah, they're spreading FUD to keep Windows users.

    Oh, I know, how about some bloggers or a columnist in a magazine? Nah, they're just idiots. What do they know, they aren't experts in the world of computer security.

    Hackers? Nah, can't be trusted. They're just probably trying to make people think that OS X is not super solid and to get some street cred or something.

    Gee, so, really, there's no one who could say "Hey, there's a threat out there for the Mac" that you couldn't claim was a piece of FUD by the crowd of Anti-Apple people or those trying to make a quick buck.

  1. testudo

    Joined: Dec 1969

    +4

    Re: No

    I'm very anti-piracy myself, but NO it's not a good thing. It's a potential security flaw that Apple should fix now that they are aware of it.

    There is NO security flaw. These are trojan horses, which means they are just programs that hide their payloads. You can't protect against such a thing. You're actually running the stupid thing yourself!

  1. nhmlco

    Joined: Dec 1969

    -2

    comment title

    As far as I'm concerned, pirates deserve whatever they get...
