
Year in Mac Security 2010


Security Alert: OSX/OpinionSpy Spyware Installed by Freely Distributed Mac Applications

Malware: OSX/OpinionSpy
Risk: High
Description: Intego has discovered a spyware application that is installed by a number of freely distributed Mac applications and screen savers found on a variety of websites. This spyware, OSX/OpinionSpy, performs a number of malicious actions, from scanning files to recording user activity, as well as sending information about this activity to remote servers and opening a backdoor on infected Macs.

OSX/OpinionSpy is installed by a number of applications and screen savers that are distributed on sites such as MacUpdate, VersionTracker and Softpedia. The spyware itself is not contained in these applications, but is downloaded during the installation process. This shows the need for an up-to-date anti-malware program with a real-time scanner that can detect this malware when it is downloaded by the original application’s installer.

OSX/OpinionSpy performs the following actions:

Further Information about the OSX/OpinionSpy Spyware

New Attacks Against PDF Flaw Found in the Wild

Security Memo: HellRTS Backdoor Can Allow Malicious Remote Users to Control Macs

Security Memo: Trojan Horse OSX/Koobface.A Affects Mac OS X Mac – Koobface Variant Spreads via Facebook, Twitter and More

Malware: OSX/Koobface.A
Risk: Low
Description: Intego has discovered a Mac version of the Koobface worm, which spreads via social networks such as Facebook, MySpace and Twitter. Intego’s Virus Monitoring Center has been examining this malware for some time, and given the low level of risk, has not publicly issued information about it. Since other reports have been made public about this malware, Intego has decided to publish this security memo. Reports have circulated discussing a Trojan horse, but without understanding either the scope or the functioning of this malware.

This threat is a Mac OS X version of the Koobface worm, which is served as part of a multi-platform attack via a malicious Java applet. The malware itself is made up of a number of elements, though in order to simplify, we will use the term “Trojan horse” to describe it. Users first encounter this malware via links on Facebook, MySpace and Twitter, but links can and do exist from other web sites as well.

More Information About the Koobface Trojan Horse for Mac

Intego’s researchers have been examining the OSX/Koobface.A Trojan horse for some time, and the company provided some information about this Trojan horse yesterday. Following a number of questions, Intego would like to present some additional information about this Trojan horse.

This malware, unlike what one company claims, is not a “critical” risk, for several reasons. The level of risk for any given malware depends on several criteria, and this risk is fluid. As time changes, the risk level can increase or decrease depending on how common the malware is, whether new variants appear, and other conditions.

First of all, OSX/Koobface.A is not very widespread. Second, the malware is flawed, and does not work correctly in all situations. Finally, the installer for this malware contacts a number of remote servers to download files.

In addition to the servers used to provide elements installed on Macs, one part of the malware contacts IRC servers.