Home / malware OSX.Stealbit.B
First posted on 10 May 2014.
Source: SymantecAliases :
There are no other names known for OSX.Stealbit.B.
Explanation :
When the Trojan is executed, it creates the following files:
%Temp%/Payload/080.dSYM%Temp%/Payload/080.dylib%Temp%/Payload/081.dSYM%Temp%/Payload/081.dylib%Temp%/Payload/com.google.xupdater%Temp%/Payload/com.google.xupdater.plist
The Trojan checks for specific versions of the Bitcoin-Qt program and, if installed, will apply a malicious patch to steal bitcoins.Last update 10 May 2014
