The malware, OSX/CoinThief, was first discovered earlier this month by researchers at SecureMac, and was found to steal login credentials related to various Bitcoin-related exchanges and wallet sites via malicious browser add-ons.
Their researchers found that the malware had been disguised as trojanised versions of Bitcoin Ticker TTM (To The Moon), BitVanity, StealthBit and Litecoin Ticker, and distributed through popular download sites including Download.com and MacUpdate.com.
However, the malware experts at ESET labs have also seen OSX/CoinThief spread through torrents as cracked versions of the following popular Mac OS X applications:
- BBEdit – an OS X text editor
- Pixelmator – a graphics editor
- Angry Birds – a game of trebuchet-powered temperamental avian bombardment
- Delicious Library – a media cataloguing application
Full Topic