New DevilRobber trojan
Published October 28th, 2011 at 9:02 PM EDT , modified October 28th, 2011 at 9:02 PM EDT
Intego has announced discovery of yet another Mac trojan, which they call DevilRobber. DevilRobber seems to be primarily oriented towards the task of bitcoin mining, and at this time is exclusively distributed in modified applications distributed illegally over torrents. But what does all that mean to the average user?
Chances are good you’ve never heard of bitcoins, and have no idea what bitcoin mining might be. A bitcoin is in essence a fictional currency. Just like real currency, bitcoins are carefully controlled and can be traded for goods and services. Bitcoins can be obtained by selling something in trade for bitcoins or by purchasing them with traditional currency. There also appears to be some hard-to-understand method of “manufacturing” new bitcoins, called mining. It’s very difficult to understand why anyone would be interested in such a thing, especially when the list of businesses that accept bitcoins is relatively short and includes no mainstream companies.
Part of the answer, of course, is the ideal of “free money” that relies on no centralized authority. That is not something that will appeal to the vast majority of people, who will prefer a practical currency. However, it’s not difficult to understand why someone might be interested in bitcoin mining. All you have to do, evidently, is leave your computer running calculations and, over time, you will gain bitcoins for nothing but the cost of keeping your computer running. It goes without saying that this has been abused by unscrupulous people. By creating malware that uses other people’s computer to help you mine coins for yourself, you can cheat the bitcoin system, gaining more of the limited supply of new bitcoins than you are entitled to. Of course, malware can also steal bitcoins from your bitcoin “wallet” as well.
If you’re anything like me, you couldn’t care less about the theft of bitcoins. However, no malware is trustworthy, by nature, and this malware will do a variety of other unsavory things in addition to using your computer to help steal bitcoins. According to Intego’s report, it will do everything it can to harvest personal information from your computer, such as usernames and passwords, Safari history and (ready to be creeped out?) child pornography. It’s definitely not something you want on your computer.
Fortunately, it’s not hard to avoid DevilRobber at this time: just don’t download stolen software over a torrent! Since many people, in my experience, don’t understand when the software they download from a torrent is stolen, and since this is far from the first time Mac malware has been distributed over torrents, my advice would be to avoid torrents altogether. Downloading from torrents is like buying a watch from a guy in an overcoat in a New York City alley.