Mobile // Mobile Applications
Commentary
6/1/2010
06:31 PM
Jake Widman
Jake Widman
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Security Firm Warns Of New Mac Malware

Some software available from popular Mac download sites installs a Mac version of a long-known piece of Windows spyware, according to Mac security vendor Intego.

Some software available from popular Mac download sites installs a Mac version of a long-known piece of Windows spyware, according to Mac security vendor Intego.The malware, known as "OS X/OpinonSpy," scans files on an infected Mac and records user activity, and sends collected data to remote servers. The malware isn't contained within the downloaded software itself, but rather is installed as a side effect of installing the desired software. Sometimes the user will be asked to accept a "market research" application called PremierOpinion along with the software installation, but sometimes that warning is skipped. The infected software has been identified on sites such as MacUpdate, VersionTracker, and Softpedia, but has also been found in files downloaded directly from the developers.

As described on Intego's Mac Security Blog, the spyware requests an administrator's password on installation and after that runs as root, meaning it has access to every file on the infected Mac. It scans all local and network volumes and sends information to a number of remote servers. According to Intego, "The fact that this application collects data in this manner, and that it opens a backdoor, makes it a very serious security threat. In addition, the risk of it collecting sensitive data such as user names, passwords and credit card numbers, makes this a very high-risk spyware."

In another post, Intego lists the downloads it has identified so far as containing the spyware. Most of them are screen savers from a company called 7art-screensavers, but the company has also found one application, Mishlnc FLV To Mp3, which converts Flash videos and extracts their soundtracks. Intego does not intend this to be a comprehensive list, just the infected software it has found so far.

Intego's security products VirusBarrier X5 and X6, with threat filters updated this week, can detect and remove OpinionSpy, the company says. This news points up the need for Mac-using businesses to remain vigilant and take measures to protect their systems, despite the Mac's (well-deserved) reputation for safety. It's not known what OS X/OpinionSpy's creators are doing with the information they collect, but you don't want to be the one to find out the hard way. I previously listed some well-regarded Mac security software -- read the post and get yourself some, if you haven't already.

More From InformationWeek SMB:

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.