Security Firm Warns Of New Mac Malware - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile // Mobile Applications
06:31 PM
Jake Widman
Jake Widman

Security Firm Warns Of New Mac Malware

Some software available from popular Mac download sites installs a Mac version of a long-known piece of Windows spyware, according to Mac security vendor Intego.

Some software available from popular Mac download sites installs a Mac version of a long-known piece of Windows spyware, according to Mac security vendor Intego.The malware, known as "OS X/OpinonSpy," scans files on an infected Mac and records user activity, and sends collected data to remote servers. The malware isn't contained within the downloaded software itself, but rather is installed as a side effect of installing the desired software. Sometimes the user will be asked to accept a "market research" application called PremierOpinion along with the software installation, but sometimes that warning is skipped. The infected software has been identified on sites such as MacUpdate, VersionTracker, and Softpedia, but has also been found in files downloaded directly from the developers.

As described on Intego's Mac Security Blog, the spyware requests an administrator's password on installation and after that runs as root, meaning it has access to every file on the infected Mac. It scans all local and network volumes and sends information to a number of remote servers. According to Intego, "The fact that this application collects data in this manner, and that it opens a backdoor, makes it a very serious security threat. In addition, the risk of it collecting sensitive data such as user names, passwords and credit card numbers, makes this a very high-risk spyware."

In another post, Intego lists the downloads it has identified so far as containing the spyware. Most of them are screen savers from a company called 7art-screensavers, but the company has also found one application, Mishlnc FLV To Mp3, which converts Flash videos and extracts their soundtracks. Intego does not intend this to be a comprehensive list, just the infected software it has found so far.

Intego's security products VirusBarrier X5 and X6, with threat filters updated this week, can detect and remove OpinionSpy, the company says. This news points up the need for Mac-using businesses to remain vigilant and take measures to protect their systems, despite the Mac's (well-deserved) reputation for safety. It's not known what OS X/OpinionSpy's creators are doing with the information they collect, but you don't want to be the one to find out the hard way. I previously listed some well-regarded Mac security software -- read the post and get yourself some, if you haven't already.

More From InformationWeek SMB:

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
11 Ways DevOps Is Evolving
Lisa Morgan, Freelance Writer,  2/18/2021
Graph-Based AI Enters the Enterprise Mainstream
James Kobielus, Tech Analyst, Consultant and Author,  2/16/2021
What Comes Next for AWS with Jassy to Become Amazon CEO
Joao-Pierre S. Ruth, Senior Writer,  2/4/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Flash Poll