A new adware program like a ghost installs itself on Mac OS X systems and opens Web browser windows, said F-Secure.
The software, dubbed iAdware by the Finnish security company, is perhaps the first example of adware for Macs. It is particularly interesting since it doesn't require administrative privileges to lie on the computers, according to F-Secure.
"We won't disclose the exact technique used here, it's a feature not a bug, but let's just say that installing a System Library shouldn't be allowed without prompting the user," disclosed the F-Secure blog last week.
The application is a proof-of-concept sent to F-Secure and it is not out targeting users on the Internet.
"In theory, this program could be silently installed to your user account and hooked to each application you use," according to the F-Secure blog. "This particular sample successfully launched the Mac's Web browser when we used any of a number of applications."
Nasty software that targets Mac OS X systems is infrequent and has been limited mainly to proof-of-concept code, instead of actual attacks. However, there are indications that hackers are more and more targeting the Mac, which experts have said is not impermeable to attacks.
For example, as part of a operation called the Month of the Kernel Bugs, several new flaws have been disclosed in Apple Computer software, the latest on Tuesday in the AppleTalk protocol. Last week, exploit code was released for an additional yet-to-be-fixed flaw in Mac OS X related to disk image structures.
Apple could not be reached right away for comment.
|
