F-Secure, the people who in October sounded the alarm on the Flashback malware emerging on Mac OS X, have announced today that an updated version of DevilRobber is on the loose.
“We found an updated version of Backdoor:OSX/DevilRobber, which we posted about earlier,” writes Wayne over at the F-Secure blog.
The trojan is similar to its predecessor, but it arrives under a different name - PixelMator - and uses the same technique to disguise itself as a legitimate application.
Based on the malware's dump.txt file, this latest backdoor is identified as Version 3 (v3), says the security firm. In addition to the changed distribution method, DevilRobberV3 has at least half a dozen changes in its information harvesting script, according to F-Secure. Their full advisory can be found here