Mobile // Mobile Applications
Commentary
6/1/2010
06:31 PM
Jake Widman
Jake Widman
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Security Firm Warns Of New Mac Malware

Some software available from popular Mac download sites installs a Mac version of a long-known piece of Windows spyware, according to Mac security vendor Intego.

Some software available from popular Mac download sites installs a Mac version of a long-known piece of Windows spyware, according to Mac security vendor Intego.The malware, known as "OS X/OpinonSpy," scans files on an infected Mac and records user activity, and sends collected data to remote servers. The malware isn't contained within the downloaded software itself, but rather is installed as a side effect of installing the desired software. Sometimes the user will be asked to accept a "market research" application called PremierOpinion along with the software installation, but sometimes that warning is skipped. The infected software has been identified on sites such as MacUpdate, VersionTracker, and Softpedia, but has also been found in files downloaded directly from the developers.

As described on Intego's Mac Security Blog, the spyware requests an administrator's password on installation and after that runs as root, meaning it has access to every file on the infected Mac. It scans all local and network volumes and sends information to a number of remote servers. According to Intego, "The fact that this application collects data in this manner, and that it opens a backdoor, makes it a very serious security threat. In addition, the risk of it collecting sensitive data such as user names, passwords and credit card numbers, makes this a very high-risk spyware."

In another post, Intego lists the downloads it has identified so far as containing the spyware. Most of them are screen savers from a company called 7art-screensavers, but the company has also found one application, Mishlnc FLV To Mp3, which converts Flash videos and extracts their soundtracks. Intego does not intend this to be a comprehensive list, just the infected software it has found so far.

Intego's security products VirusBarrier X5 and X6, with threat filters updated this week, can detect and remove OpinionSpy, the company says. This news points up the need for Mac-using businesses to remain vigilant and take measures to protect their systems, despite the Mac's (well-deserved) reputation for safety. It's not known what OS X/OpinionSpy's creators are doing with the information they collect, but you don't want to be the one to find out the hard way. I previously listed some well-regarded Mac security software -- read the post and get yourself some, if you haven't already.

More From InformationWeek SMB:

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A UBM Tech Radio episode on the changing economics of Flash storage used in data tiering -- sponsored by Dell.
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.