Every few months, Mac security firm Intego pops up, waves their arms hysterically around and screams that the OS X sky is falling, having identified new malware in the wild. Rinse, repeat.
Their latest report is no different: Intego has identified 30 screensavers developed by a company called 7art and one app called Mishinc FLV to MP3 that are infected with a spyware program called OSX/OpinionSpy.
The app isn’t actually part of the software itself: it downloads during the installation of the original programs. It apparently runs as root, scans all accessible files on all drives, opens a back door using port 8254, and injects code into Safari, Firefox and iChat through Mac memory, beaming out its surreptitiously snooped data into the wild. Worse, it automatically relaunches even if you close the file.
Anyway, be warned: you probably don’t have it, given the obscurity of the programs in question, but if you notice your computer asking for your name or suggesting you fill out some forms and surveys, it’s probably time to break out the malware scanner.
[via The Apple Blog]
