BlackBerry Forums Support Community
              

Closed Thread
 
Thread Tools
Old 06-02-2010, 01:41 PM   #1
Dubdub
Appleinator
 
Dubdub's Avatar
 
Join Date: Nov 2005
Location: New Hampshire
Model: App6+
OS: AJBR549
PIN: Ask
Carrier: ATT & Verizon
Posts: 20,038
Default Dangerous New Mac Spyware Making the Rounds

Please Login to Remove!

This has little to do with BB's but a lot to do with Mac users:

Dangerous New Mac Spyware Making the Rounds

There’s a very nasty piece of spyware attacking Apple’s computer platform. It’s called OSX/OpinionSpy, and it piggybacks in on free screensaver and media conversion software.

Specifically, around 30 screensavers developed by a company called 7art and one app called Mishinc FLV to MP3 carry the spyware, according to security firm Intego. The programs were available on popular sites, like Softpedia, MacUpdate and VersionTracker, though they’ve since been pulled from those locations. MacUpdate told CNET that it had been aware of the problem as far back as March and had acted accordingly.

The spyware app isn’t part of the software itself, but instead downloads during the installation of the originally downloaded programs. It often masquerades as a market research program called PremierOpinion that tracks browsing and purchasing information for market research purposes, but it also can come completely unannounced. The aim of OSX/OpinionSpy is to collect data from files and programs. Here’s a breakdown of a few ways it does its dirty work:

* Runs as root, allowing complete access, including modification, to all files
* Scans all accessible files on local and network drives
* Opens a back door using port 8254
* Analyzes data transmitted via a LAN connection, allowing a single Mac to collect data from an entire network
* If the application is killed, it automatically relaunches via launchd, the system-wide OS X service launcher
* Injects code into Safari, Firefox and iChat without any user authorization or action required, and then copies personal data from these applications. Code is injected into Mac memory, not the actual application’s files, allowing it to go undetected

It can be upgraded via the backdoor access without the user’s knowledge, and just deleting the original program it came in on won’t eliminate the spyware itself. To rid yourself of the infection, if you think you might have it, you should grab ClamXav or iAntiVirus or another trusted Mac malware scanner. Signs that you may be infected include your computer sometimes asking for your name or prompting you to fill out forms and surveys. Also, your computer may stop working correctly and require a reboot.

Intego is using the opportunity to push its anti-virus products, which is only fair given that it’s at least warning people about it, but as always, I recommend sensible downloading and browsing practice before any other means of virus or malware protection. If something seems suspicious, it probably is, and if you find you have no internal means of analyzing what constitutes danger and what doesn’t in term of online activity, consult with someone who you know definitely does. Finally, if something is free, always exercise extra caution

Dangerous New Mac Spyware Making the Rounds
__________________
-->>BB FAQ

-->>Stinsonddog's Tip Site!

-->>Twitter


If someone helps, tell them by clicking the Thanks button.!!
Offline  
Old 06-02-2010, 07:42 PM   #2
okader
Thumbs Must Hurt
 
Join Date: Feb 2009
Location: Chicago
Model: 9000
OS: OS 10.6
PIN: N/A
Carrier: At&t
Posts: 61
Default

thank you for the info Dubdub. very helpful
Offline  
Old 06-09-2010, 10:31 AM   #3
steveberry
New Member
 
steveberry's Avatar
 
Join Date: May 2010
Location: Toronto
Model: 8100
PIN: N/A
Carrier: Rogers
Posts: 10
Default

Great post! Thank you for sharing this.
Offline  
Old 06-09-2010, 10:44 AM   #4
Dubdub
Appleinator
 
Dubdub's Avatar
 
Join Date: Nov 2005
Location: New Hampshire
Model: App6+
OS: AJBR549
PIN: Ask
Carrier: ATT & Verizon
Posts: 20,038
Default

I have not heard any more about, so I do not know how "real" or how it has spread.
__________________
-->>BB FAQ

-->>Stinsonddog's Tip Site!

-->>Twitter


If someone helps, tell them by clicking the Thanks button.!!
Offline  
Old 06-12-2010, 12:09 PM   #5
Jagga
CrackBerry Addict
 
Jagga's Avatar
 
Join Date: Oct 2004
Location: Toronto
Model: Z10
Carrier: Lord Rogers - 107
Posts: 862
Default

There was a recent update to Safari so I'm sure this is closed. Also these will request a password for admin no? Root requires an admin pw to begin with.
__________________
Senior help desk administrator (rim_db_admin_sr_helpdesk)
Serious Mobile
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


1PCS 2MBI400TB-060 IGBT Module picture

1PCS 2MBI400TB-060 IGBT Module

$77.00



1PCS KE721K03 Electronic Components  IGBT Module Electronic picture

1PCS KE721K03 Electronic Components IGBT Module Electronic

$81.00



1PCS MDD255-16N1 IGBT Module picture

1PCS MDD255-16N1 IGBT Module

$75.00



1PCS VUO80-16N01 IGBT Module picture

1PCS VUO80-16N01 IGBT Module

$40.00



Portable 600pc 15Value NPN PNP Transistor TO-92 Assortment Kit Set /Box Hot picture

Portable 600pc 15Value NPN PNP Transistor TO-92 Assortment Kit Set /Box Hot

$11.16



MOSFET - IRFZ44N 55V - Transistor  for Arduino Pi  TTL picture

MOSFET - IRFZ44N 55V - Transistor for Arduino Pi TTL

$54.79







Copyright © 2004-2016 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.