Security Firm Warns Of New Mac Malware - InformationWeek
Mobile // Mobile Applications
06:31 PM
Jake Widman
Jake Widman
Threat Intelligence Overload?
Aug 23, 2017
A wide range of threat intelligence feeds and services have cropped up keep IT organizations up to ...Read More>>

Security Firm Warns Of New Mac Malware

Some software available from popular Mac download sites installs a Mac version of a long-known piece of Windows spyware, according to Mac security vendor Intego.

Some software available from popular Mac download sites installs a Mac version of a long-known piece of Windows spyware, according to Mac security vendor Intego.The malware, known as "OS X/OpinonSpy," scans files on an infected Mac and records user activity, and sends collected data to remote servers. The malware isn't contained within the downloaded software itself, but rather is installed as a side effect of installing the desired software. Sometimes the user will be asked to accept a "market research" application called PremierOpinion along with the software installation, but sometimes that warning is skipped. The infected software has been identified on sites such as MacUpdate, VersionTracker, and Softpedia, but has also been found in files downloaded directly from the developers.

As described on Intego's Mac Security Blog, the spyware requests an administrator's password on installation and after that runs as root, meaning it has access to every file on the infected Mac. It scans all local and network volumes and sends information to a number of remote servers. According to Intego, "The fact that this application collects data in this manner, and that it opens a backdoor, makes it a very serious security threat. In addition, the risk of it collecting sensitive data such as user names, passwords and credit card numbers, makes this a very high-risk spyware."

In another post, Intego lists the downloads it has identified so far as containing the spyware. Most of them are screen savers from a company called 7art-screensavers, but the company has also found one application, Mishlnc FLV To Mp3, which converts Flash videos and extracts their soundtracks. Intego does not intend this to be a comprehensive list, just the infected software it has found so far.

Intego's security products VirusBarrier X5 and X6, with threat filters updated this week, can detect and remove OpinionSpy, the company says. This news points up the need for Mac-using businesses to remain vigilant and take measures to protect their systems, despite the Mac's (well-deserved) reputation for safety. It's not known what OS X/OpinionSpy's creators are doing with the information they collect, but you don't want to be the one to find out the hard way. I previously listed some well-regarded Mac security software -- read the post and get yourself some, if you haven't already.

More From InformationWeek SMB:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll