New Mac OS X malware uses GPU and spies on users

Posted on Oct 31 2011 - 7:49am by Julius

A new malware that targets Apple Mac OS computers has been discovered, and packs a double whammy: it uses the system’s graphics processing unit (GPU) to mine for Bitcoins, and it spies on the user.

Security experts at Sophos said that the malware, named DevilRobber (also known as OSX/Miner-D), comes with copies of Mac OS X image editing app GraphicConverter ver. 7.4 that are uploaded to torrent sites and other file-sharing networks.

“If your Mac computer was infected by the malware, the first thing you might notice is performance becoming sluggish. That’s because OSX/Miner-D tries to generate Bitcoins, the currency of the anonymous digital cash system, by stealing lots of GPU (Graphics Processing Unit) time. GPUs are much better than regular CPUs at performing the mathematical calculations required for Bitcoin mining,” the software firm wrote in a blog post. “Yes, this Mac malware is stealing computing time as well as data.”

Aside from mining Bitcoins, the trojan also spies on the user by stealing usernames and passwords and taking screenshots of the system’s screen. The malware also runs a script that copies all the user’s valuable data to a file called dump.txt.

Sophos said that the app’s producers have not done anything wrong, as they are victims of cyber criminals who use their software as a trap to infect users who download the app from unofficial sources.

The security firm advised Mac OS X users to practice safe computing, and only get software from legitimate download services and official websites.


via: Sophos

Leave A Response