Software available from popular Mac download sites may be infected with very high risk spyware, security vendor Intego has reported.
The spyware, known as “OS X/OpinionSpy” installs itself during installation of downloaded packages but is not contained in the software itself.
Software available on sites such as Softpedia, VersionTracker, MacUpdate and other developers’ sites was found to have the spyware.
The user will either be asked to approve the installation of a ‘market research’ application called PremierOption or the warning may be skipped altogether.
Get daily business news.
The latest stories, funding information, and expert advice. Free to sign up.
The malware requests an administrator’s password during installation and then runs a root giving access to all files on local and network volumes before opening a backdoor to the Mac and sending data to remote servers.
The report from Intego says because the application opens a back door and collects data like this it is a very serious security threat.
“The risk of it collecting sensitive data such as user names, passwords and credit card numbers, makes this a very high-risk spyware.”
So far Intego have listed some of the software that they have identified as carrying the malware. Screensavers from a company called 7art-screensavers and a Flash conversion application called Mishlnc FLV to Mp3 are listed.