Sure, Macs ‘Don't Get Viruses’, But CoinThief Mac OS X Trojan Steals Bitcoins

Bitcoin digital currency is somewhat controversial as many people are just completely confused by it, but that hasn’t stopped Bitcoin from being used around the world--nor has it protected the currency from cybercriminals.

SecureMac detailed the discovery of a Trojan called OSX/CoinThief.A that specifically targets Apple computers running Mac OS X. “The malware, which comes disguised as an app to send and receive payments on Bitcoin Stealth Addresses, instead covertly monitors all web browsing traffic in order to steal login credentials for Bitcoin wallets,” reads the post.

Image Source, above: Flickr (antanacoins); Inset, via Ross Burgess

The malicious app that facilitates the infection is called StealthBit, which installs browser extensions in Safari and Google Chrome on infected systems and looks for Bitcoin-related login credentials. When found, the malware sends the information bad to the criminals’ remote server.

That pilfered data also includes usernames and UUIDs (unique identifiers) attached to the infected Mac as well as whether there are any Bitcoin-related applications installed on the system.