Researchers from Intego have uncovered spyware being distributed with numerous
free screensavers and applications for Mac OS X.

According to Intego, the spyware, detected as OSX/OpinionSpy, records user
activity and opens a backdoor on infected systems. The malware is installed by
a number of applications and screensavers distributed on sites such as
MacUpdate, VersionTracker and Softpedia. While the spyware itself is not
contained in these applications, it is downloaded during the installation
process, the company noted.

“The information provided with some of these applications contains a
misleading text that users must accept explaining that a 'market research'
program is installed with them, but not all of these specify this,” Intego said
in a June 1 advisory. “Some of these programs are also distributed directly
from developers’ web sites with no such warning.”

The malware, a version of which has existed for Windows since 2008, claims to
collect browsing and purchasing information used in market reports but in fact
goes much further—a fact that led Intego to classify it as spyware.

In addition to the actions mentioned above, Intego warned that OSX/OpinionSpy
also analyzes packets entering and leaving the infected Mac over the local
network, injects code into Safari, Firefox and iChat, and copies personal data
from these applications without user intervention.

“Users have no way of knowing exactly what data is collected and sent to
remote servers; such data may include user names, passwords, credit card
numbers and more,” Intego warned. “The risk of this data being collected and
used without users’ permission makes this spyware particularly dangerous to
users’ privacy.”