Antivirus company Intego today announced that it has discovered a new spyware application capable of infecting computers running Mac OS X. The spyware, known as "OSX/OpinionSpy", is downloaded and installed on users' computers via the installation process for unrelated applications hosted on several popular download sites.
This spyware, OSX/OpinionSpy, performs a number of malicious actions, from scanning files to recording user activity, as well as sending information about this activity to remote servers and opening a backdoor on infected Macs.
OSX/OpinionSpy is installed by a number of applications and screen savers that are distributed on sites such as MacUpdate, VersionTracker and Softpedia. The spyware itself is not contained in these applications, but is downloaded during the installation process.
According to the report, the installation instructions for the seemingly harmless media converter software and screensavers that serve as the vehicle for the spyware in some cases require the user to accept installation of a "market research" add-on that actually opens a backdoor on the infected computer, scans files, and transmits data to remote servers.
Users have no way of knowing exactly what data is collected and sent to remote servers; such data may include user names, passwords, credit card numbers and more. The risk of this data being collected and used without users' permission makes this spyware particularly dangerous to users' privacy.
Full details on the malware's actions are available on Intego's site.
OSX/OpinionSpy is a new Mac OS X version of Windows malware that has been floating around since 2008.
