Hot on the heels of Microsoft’s retort to Google’s Windows security snub comes word of what’s being describedas a high-risk spyware/malware exploit affecting OS X computers. According to security firm Intego, the spyware – which it calls OpinionSpy but which has also been identified as PremierOpinion – is being distributed through various free screensavers for OS X (full list after the cut), and if installed is capable of “scanning files to recording user activity, as well as sending information about this activity to remote servers and opening a backdoor on infected Macs.”
The malware is the handiwork of comScore (through their VoiceFive Networks subsidiary), and is downloaded as part of the installation process for the various screensavers. Some of the affected apps do indicate in the ToS that ”market research” program is installed, but not all; once installed – complete with root privileges – it opents an HTTP backdoor, analyses files on all available volumes, all packets from the local network going in and out, copies personal data from browsers, and then sends encrypted reports to various remote servers including e-mail addresses, iChat message headers and URLs, as well as other data.
Even if OS X users subsequently uninstall the screensaver, the malware is left present, and it can automatically update itself in the background. Obviously Intego would like you to buy their anti-malware apps for Mac, but there’s a manual process here. Still, as more users get turned onto OS X – and novice ones at that, perhaps all too willing to download apps without reading the ToS, or give up their administrator’s password during the install process – it seems we may have to get used to malware and spyware for the platform increasing.