Apple’s Macs Targeted By Bitcoin Thief Malware Hiding in Cracked Apps
A recently discovered piece of malware that targeted Apple (NASDAQ:AAPL) Mac users with Bitcoin accounts has spread to non-Bitcoin programs in what appears to be a bid to infect even more computers. According to security company ESET’s WeLiveSecurity blog, the OSX/CoinThief malware was first detected on February 9 by researchers at SecureMac. The malware enabled attackers to raid Bitcoin owners’ accounts by stealing their login credentials for Bitcoin exchanges and other popular Bitcoin websites.
The original version of the malware was spread through trojanized versions of various crypto-currency price ticker browser extensions, such as Bitcoin Ticker TTM and Litecoin Ticker. As noted by SecureMac, these malware programs were found on mainstream download sites such as CNET’s Download.com and MacUpdate.com.
However, ESET researchers recently discovered the OSX/CoinThief malware in various “cracked,” or pirated, versions of popular Mac OS X applications that are being shared via torrent websites. According to the WeLiveSecurity blog, ESET researchers have found the malicious software in cracked versions of text editor BBEdit, graphic editor Pixelmator, media cataloguing application Delicious Library, and the wildly popular video game Angry Birds. The malware’s recent appearances in popular cracked Mac OS X applications will likely help spread this malicious program to even more computers.
Obviously, the best protection from the latest version of this malware is to avoid downloading any pirated software. Legitimate versions of these programs are available from Apple’s App Store or from the software developers’ websites. However, for Mac users who have already been infected via a cracked OS X app or a trojanized Bitcoin ticker add-on, SecureMac has provided step-by-step instructions for identifying and removing the OSX/CoinThief malware. ESET security researchers also recommended that Mac users install up-to-date anti-virus software on their devices.
As noted by the WeLiveSecurity blog, the malware appears to be taking advantage of the growing popularity of the Bitcoin digital currency. However, Apple has been less than supportive of this emerging currency. As reported by Bloomberg, the California-based company recently pulled Blockchain, an iOS app that allowed users to transmit and receive bitcoins, from its App Store after citing “an unresolved issue.” Apple has also previously removed other Bitcoin apps that allowed users to transmit and receive the currency.
Despite the recent discovery of the OSX/CoinThief malware, it should be noted that Apple’s operating systems typically have fewer malware issues than other operating systems due to the company’s so-called “walled-garden” approach to its ecosystem. For example, according to Cisco’s (NASDAQ:CSCO) annual security report, 99 percent of all mobile malware in 2013 targeted Google’s (NASDAQ:GOOG) Android operating system. However, Apple has also seen its share of major malware infections, including a widely publicized incident last year when Macintosh computers belonging to some Apple employees were infected by malware that was used to launch attacks against Facebook (NASDAQ:FB), reports Reuters.
Follow Nathanael on Twitter (@ArnoldEtan_WSCS)