DevilRobber Trojan
Posted: November 23, 2011
Threat Metric
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 4 |
| First Seen: | November 23, 2011 |
| OS(es) Affected: | Windows |
DevilRobber Trojan is a Trojan horse that's, unusually, built for OS X operating systems rather than Windows computers. Although out-of-date DevilRobber Trojan variants were distributed in otherwise-legitimate graphics conversion packages, the latest version of DevilRobber Trojan is distributed in the form of a fake PixelMator program (PixelMator itself is a legitimate image editor). DevilRobber Trojan's capabilities, as noted by the SpywareRemove.com malware research team, largely consist of theft of personal information and the ability to tamper with Bitcoin values. As a Trojan, DevilRobber Trojan is designed to hide itself from sight and may have no visible symptoms besides appropriate warnings from anti-malware programs. If you suspect that DevilRobber Trojan is on your computer, it's recommended that you remove DevilRobber Trojan ASAP with proper security software, lest you lose both your digital money and your account passwords.
DevilRobber Trojan – a Little Bit of Spyware Just for OS X
As an attacker of Mac OS X operating systems, DevilRobber Trojan can't threaten Windows computers, but should be considered a very real and ongoing danger to anyone who uses OS X. The original version of DevilRobber Trojan also displayed features that are lacking in DevilRobber Trojan's latest variant, such as the ability to capture screen images, but even the latest version of DevilRobber Trojan is capable of extremely invasive attacks. SpywareRemove.com malware researchers have found that new DevilRobber Trojan variants are distributed solely as fake PixelMator programs and lack any of the image-editing features that a real PixelMator application possesses.
Also known as DevilRobberV3, this new version of DevilRobber Trojan has been known to display the following traits:
- DevilRobber Trojan will attempt to steal passwords from 1Password, a password-management utility.
- DevilRobber Trojan will attempt to generate Bitcoins (an experimental and digital-only currency format) to inflate the fiscal holdings of its hacker partners.
- DevilRobber Trojan will also attempt to steal Bitcoins from your online 'wallet.'
- Lastly, DevilRobber Trojan keeps track of OS X system log files as well as the history files for your Terminal commands.
As a side effect of these attacks, you will also find a security backdoor opened on your system, to allow DevilRobber Trojan to send its stolen information to criminal entities (via FTP). Additional attacks may also occur through this security vulnerability.
Keeping Your OS X Free of DevilRobber Trojan's Thievery
Since DevilRobber Trojan targets OS X specifically, using Mac-compatible brands of anti-malware programs to protect your Mac can effectively halt DevilRobber Trojan's attacks or even prevent its installation in the first place. SpywareRemove.com malware researchers note that anti-malware products with firewall-based security features appear to be very effective at preventing the latest version of DevilRobber Trojan from functioning, although other variants of DevilRobber Trojan may simply prevent themselves from being installed if they detect the presence of such software.
Prevention, however, is preferable to needing to delete DevilRobber Trojan, so you are strongly encouraged to avoid DevilRobber Trojan's primary propagation source: pirated software. As long as you download software from strictly legitimate sources and use software from trustworthy brands, your computer shouldn't have much to fear from DevilRobber Trojan.
Depending on your anti-malware software of choice, DevilRobber Trojan may also be detected by the names Backdoor:MacOS_X/DevilRobber.A and Backdoor:MacOS_X/DevilRobber.B.
Technical Details
File System Modifications
The following files were created in the system:
file.exe
File name: file.exe
Size: 31.9 KB (31902 bytes)
MD5: 7364058a360ca4365862568607a68fde
Detection count: 1
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 24, 2011